From 4a8fa5139a6a6733cc54dce6e76e4295f211b9cc Mon Sep 17 00:00:00 2001 From: TrueCharts-Bot Date: Thu, 14 Jul 2022 09:37:38 +0000 Subject: [PATCH] Commit new Chart releases for TrueCharts Signed-off-by: TrueCharts-Bot --- stable/authelia/11.0.19/CHANGELOG.md | 99 + stable/authelia/11.0.19/Chart.lock | 12 + stable/authelia/11.0.19/Chart.yaml | 46 + stable/authelia/11.0.19/README.md | 45 + stable/authelia/11.0.19/app-readme.md | 3 + .../authelia/11.0.19/charts/common-10.4.4.tgz | Bin 0 -> 47288 bytes .../11.0.19/charts/postgresql-8.0.30.tgz | Bin 0 -> 79251 bytes .../authelia/11.0.19/charts/redis-3.0.30.tgz | Bin 0 -> 65401 bytes stable/authelia/11.0.19/icon.png | Bin 0 -> 18745 bytes stable/authelia/11.0.19/ix_values.yaml | 623 +++ stable/authelia/11.0.19/questions.yaml | 3340 +++++++++++++++++ .../authelia/11.0.19/templates/_configmap.tpl | 248 ++ .../authelia/11.0.19/templates/_secrets.tpl | 67 + stable/authelia/11.0.19/templates/common.yaml | 74 + stable/authelia/11.0.19/values.yaml | 0 15 files changed, 4557 insertions(+) create mode 100644 stable/authelia/11.0.19/CHANGELOG.md create mode 100644 stable/authelia/11.0.19/Chart.lock create mode 100644 stable/authelia/11.0.19/Chart.yaml create mode 100644 stable/authelia/11.0.19/README.md create mode 100644 stable/authelia/11.0.19/app-readme.md create mode 100644 stable/authelia/11.0.19/charts/common-10.4.4.tgz create mode 100644 stable/authelia/11.0.19/charts/postgresql-8.0.30.tgz create mode 100644 stable/authelia/11.0.19/charts/redis-3.0.30.tgz create mode 100644 stable/authelia/11.0.19/icon.png create mode 100644 stable/authelia/11.0.19/ix_values.yaml create mode 100644 stable/authelia/11.0.19/questions.yaml create mode 100644 stable/authelia/11.0.19/templates/_configmap.tpl create mode 100644 stable/authelia/11.0.19/templates/_secrets.tpl create mode 100644 stable/authelia/11.0.19/templates/common.yaml create mode 100644 stable/authelia/11.0.19/values.yaml diff --git a/stable/authelia/11.0.19/CHANGELOG.md b/stable/authelia/11.0.19/CHANGELOG.md new file mode 100644 index 00000000000..d33081a8783 --- /dev/null +++ b/stable/authelia/11.0.19/CHANGELOG.md @@ -0,0 +1,99 @@ +# Changelog + + +## [authelia-11.0.19](https://github.com/truecharts/apps/compare/authelia-11.0.18...authelia-11.0.19) (2022-07-14) + +### Fix + +- disable HTTP probes temporarily ([#3173](https://github.com/truecharts/apps/issues/3173)) + + + +## [authelia-11.0.18](https://github.com/truecharts/apps/compare/authelia-11.0.16...authelia-11.0.18) (2022-07-12) + +### Chore + +- update icons ([#3156](https://github.com/truecharts/apps/issues/3156)) +- bump to cleanup old docs and use correct icon urls + + + +## [authelia-11.0.16](https://github.com/truecharts/apps/compare/authelia-11.0.15...authelia-11.0.16) (2022-07-12) + +### Chore + +- bump to regenerate documentation + + + + +### [authelia-11.0.15](https://github.com/truecharts/apps/compare/authelia-11.0.14...authelia-11.0.15) (2022-07-12) + +#### Chore + +* update helm general non-major helm releases ([#3147](https://github.com/truecharts/apps/issues/3147)) + + + + +### [authelia-11.0.14](https://github.com/truecharts/apps/compare/authelia-11.0.13...authelia-11.0.14) (2022-07-11) + +#### Chore + +* move icons into the apps folder ([#3139](https://github.com/truecharts/apps/issues/3139)) + + + + +### [authelia-11.0.13](https://github.com/truecharts/apps/compare/authelia-11.0.12...authelia-11.0.13) (2022-07-09) + +#### Chore + +* update helm general non-major helm releases ([#3113](https://github.com/truecharts/apps/issues/3113)) + + + + +### [authelia-11.0.12](https://github.com/truecharts/apps/compare/authelia-11.0.11...authelia-11.0.12) (2022-07-06) + +#### Chore + +* update docker general non-major ([#3078](https://github.com/truecharts/apps/issues/3078)) + + + + +### [authelia-11.0.11](https://github.com/truecharts/apps/compare/authelia-11.0.10...authelia-11.0.11) (2022-07-05) + +#### Chore + +* update helm general non-major helm releases ([#3075](https://github.com/truecharts/apps/issues/3075)) + + + + +### [authelia-11.0.10](https://github.com/truecharts/apps/compare/authelia-11.0.9...authelia-11.0.10) (2022-07-04) + +#### Chore + +* update helm general non-major helm releases ([#3066](https://github.com/truecharts/apps/issues/3066)) + + + + +### [authelia-11.0.9](https://github.com/truecharts/apps/compare/authelia-11.0.8...authelia-11.0.9) (2022-06-29) + +#### Chore + +* update docker general non-major ([#3002](https://github.com/truecharts/apps/issues/3002)) + + + + +### [authelia-11.0.8](https://github.com/truecharts/apps/compare/authelia-11.0.7...authelia-11.0.8) (2022-06-25) + +#### Chore + +* update helm general non-major helm releases ([#2977](https://github.com/truecharts/apps/issues/2977)) + + diff --git a/stable/authelia/11.0.19/Chart.lock b/stable/authelia/11.0.19/Chart.lock new file mode 100644 index 00000000000..0639bfdf029 --- /dev/null +++ b/stable/authelia/11.0.19/Chart.lock @@ -0,0 +1,12 @@ +dependencies: +- name: common + repository: https://library-charts.truecharts.org + version: 10.4.4 +- name: postgresql + repository: https://charts.truecharts.org/ + version: 8.0.30 +- name: redis + repository: https://charts.truecharts.org + version: 3.0.30 +digest: sha256:219b167cbd3e6d31f846ea247c9c12c15ece396a62777870f479b331a392bd5d +generated: "2022-07-14T09:34:52.335371907Z" diff --git a/stable/authelia/11.0.19/Chart.yaml b/stable/authelia/11.0.19/Chart.yaml new file mode 100644 index 00000000000..d28733f48b6 --- /dev/null +++ b/stable/authelia/11.0.19/Chart.yaml @@ -0,0 +1,46 @@ +apiVersion: v2 +appVersion: "4.36.2" +dependencies: +- name: common + repository: https://library-charts.truecharts.org + version: 10.4.4 +- condition: postgresql.enabled + name: postgresql + repository: https://charts.truecharts.org/ + version: 8.0.30 +- condition: redis.enabled + name: redis + repository: https://charts.truecharts.org + version: 3.0.30 +deprecated: false +description: Authelia is a Single Sign-On Multi-Factor portal for web apps +home: https://github.com/truecharts/apps/tree/master/charts/stable/authelia +icon: https://truecharts.org/img/chart-icons/authelia.png +keywords: +- authelia +- authentication +- login +- SSO +- Authentication +- Security +- Two-Factor +- U2F +- YubiKey +- Push Notifications +- LDAP +kubeVersion: '>=1.16.0-0' +maintainers: +- email: info@truecharts.org + name: TrueCharts + url: https://truecharts.org +name: authelia +sources: +- https://github.com/authelia/chartrepo +- https://github.com/authelia/authelia +type: application +version: 11.0.19 +annotations: + truecharts.org/catagories: | + - security + truecharts.org/SCALE-support: "true" + truecharts.org/grade: U diff --git a/stable/authelia/11.0.19/README.md b/stable/authelia/11.0.19/README.md new file mode 100644 index 00000000000..d8a13ac9a24 --- /dev/null +++ b/stable/authelia/11.0.19/README.md @@ -0,0 +1,45 @@ +# authelia + +Authelia is a Single Sign-On Multi-Factor portal for web apps + +TrueCharts are designed to be installed as TrueNAS SCALE app only. We can not guarantee this charts works as a stand-alone helm installation. +**This chart is not maintained by the upstream project and any issues with the chart should be raised [here](https://github.com/truecharts/apps/issues/new/choose)** + +## Source Code + +* +* + +## Requirements + +Kubernetes: `>=1.16.0-0` + +## Dependencies + +| Repository | Name | Version | +|------------|------|---------| +| https://charts.truecharts.org/ | postgresql | 8.0.30 | +| https://charts.truecharts.org | redis | 3.0.30 | +| https://library-charts.truecharts.org | common | 10.4.4 | + +## Installing the Chart + +To install this App on TrueNAS SCALE check our [Quick-Start Guide](https://truecharts.org/manual/Quick-Start%20Guides/02-Installing-an-App/). + +## Upgrading, Rolling Back and Uninstalling the Chart + +To upgrade, rollback or delete this App from TrueNAS SCALE check our [Quick-Start Guide](https://truecharts.org/manual/Quick-Start%20Guides/04-Upgrade-rollback-delete-an-App/). + +##### Connecting to other apps +If you need to connect this App to other Apps on TrueNAS SCALE, please refer to our [Linking Apps Internally](https://truecharts.org/manual/Quick-Start%20Guides/06-linking-apps/) quick-start guide. + +## Support + +- Please check our [quick-start guides](https://truecharts.org/manual/Quick-Start%20Guides/01-Adding-TrueCharts/) first. +- See the [Wiki](https://truecharts.org) +- Check our [Discord](https://discord.gg/tVsPTHWTtr) +- Open a [issue](https://github.com/truecharts/apps/issues/new/choose) + +--- + +All Rights Reserved - The TrueCharts Project diff --git a/stable/authelia/11.0.19/app-readme.md b/stable/authelia/11.0.19/app-readme.md new file mode 100644 index 00000000000..f0d4ea68c63 --- /dev/null +++ b/stable/authelia/11.0.19/app-readme.md @@ -0,0 +1,3 @@ +Authelia is a Single Sign-On Multi-Factor portal for web apps + +This App is supplied by TrueCharts, for more information please visit https://truecharts.org diff --git a/stable/authelia/11.0.19/charts/common-10.4.4.tgz b/stable/authelia/11.0.19/charts/common-10.4.4.tgz new file mode 100644 index 0000000000000000000000000000000000000000..8604b47288a457e2e334c195e3226036e9560f82 GIT binary patch literal 47288 zcmV)KK)SyliwG0|00000|0w_~VMtOiV@ORlOnEsqVl!4SWK%V1T2nbTPgYhoO;>Dc zVQyr3R8em|NM&qo0POv1ciT9UI1cw~eF{8GdfT2gb+auyn#nxt*iN@kCytNpq<_0J zeH@5{B#bGN4S;gg>3sM9!Ic0n66IUcGv>~AED|Ub3WY*dp->2t*(`}Whf_#cdjV(B zclZBvyWQ?!XGi?o?RJa*b_d(N?|M7^!FG3huh;K=*X{Lp2Ho#K_W^JzJsD+?eAm5m zTgA@(NgkNu4~S5l#6vLew_uu@pAlq;vQ~&_Kyb>$yVqG9@V`KWM+A}u7$*c=k_-t3 zqOEB%LqjlSETzLvXM))@8?}RE)?p+=fhf~~X-YecAk>*b$`I+O_mUM`IN%Lw5O59| zB(yC-WfYMhi5ZHSfSPso20PvE-tKPe8ZB-T64GJI2YF*HUt{Wv7cC#CX0EdlGF|=Q z?=O4p-k{y}yFavM5XTJS7!d&s%^;430LSCxe{#U>giKlh#E|#bA^-pxiE{J{6=ZRR z0b8VKsL^Z9H7>nwd#AnAdZh7J^M4Mb4ABP?088h8ueZ&=73Tk5fA4AjKgRP6_&#`- zqWHtvDWE9|@E8XmNa8V`WCZfL-g*Z9Cq!eIMT{4|KnRRbl-#tE6vgv2KAFJ@8nyrs zur36Q1z=MIQ~?k~7{v@=Ua$oKL1{uUOUPmfCewhlabn8{Rm+#Pn!*JP@(Ib{L`$y! zp;Or39SldoHrySI`a$o-F5DUI1ZX!H?2Sj=px=El-rnzS4|e-KGzzzSgK*r3d*NVz zwA0@my$E*pN88=T7^GPgfi#J5uxJ7C>rDI@f|K!S!p;byyhAMk?H5eYj~OK4x>Ucx z1WkCwdb;PZ8YyizB^t{*Zw)@?Fulu66qv_obM*G_+d@rjmtPIbp>n@HXm>Svx3~L!xV^s*``d%PF+@B2gYF(D>ZrT3(;dIqhC8SWcY^Mq z{{oG}UN0Q&h5g=su-)AYU%Ut!w7nK}W5nn*N!Ys7)%EJBYalnIt}eeCR=uzo?7rB4 z(I58)+Yt4~{r-#Hz5ZU<-QOGUpzcn9f_~WRcf0*ye`hcVd%<`-*nzvdy}@X--5rf# zgSP9bdl22g1yytnk`Pfu=7_9I*}P^wZFw1Afp17&t4bq?4h!$JcXJjV?C*zr2=#Zv zUAWUnd;8(`XuPu*>+cUn{n6e|FxcK3^>@eNet)nt-m6~eoTi(Sbe2U7;}|cQ+@grj z%QPiVUZV;gK_R9U6zaCS?VcvkPOrDW8wLpW&|o}(-R<3Qzx$#a!ksQeK`?-W7Xca% z2BR0fFz9V>_u-3f@FMK@_XoXjd$6~v;imMNM9Bz7Ib9F~Fb2sS5rRV`j4COX(HMUM z$yodvXHmor2xWG>Q>7g!yc~)dCP(lW)bJ zHZFI^V9D^x@m~Y1tZ>&p-LhG`Bd6JHgb1HqA)=U|5Tr>+r5uWI0O=6)mM~D3P6!MU zpo~Cfep2yYyudE;5>;U98cb-A!Ld#IjjrS zn+sG4>|K0>BE(P`L=Ij8I})VeU;v)P3E@)*Q~pik&!-l#LGTw=_j4K-TAIO6AdBG~ z;)qW@QOo+h4j7t|i3A}2Dpa+Gwoo^PglQ=U@?S<;oXZjAKnR*+ijx>jG384Qi119T zDEh-s^8FkBdI+{#E$pmeQqbp1mAh`arSf&ieP6pwC}l*fn&1LOC}0TzFp82JDpmyq z=>nuUxW@4WKoH{b7?Iop4ROG>0G_1@VK8Q9A-Om_cykPXe19T4qahE0Cw_Y^)v#U} z6tB-_Fb+59rh%iCAU+L*hpeRviK$!x1Cj|{Qk#Fasvd-)tbt=AVgO4tq)f~yz=wad z(9qhgXW)$B86-GbRCE}9Vgw$z?QlLg)JT9!JVU=HF=}1@-w?dNJZ!a6$b#ufoG?6I zsD-5Eh=EizxB!CAk#T~a9$d(lTk=D3wVI$9NsUsk=?Z| z#0j0xBspbxRY0S)sh@EiS__R(o7L=;1yJbfcnx4$@Mbv1vup<7EXiWVAuILb2g*eoP2o*k z0kkLH&2W6Km65xH>~RrHv6PfJ&+Dc`g${a2REjA#$EX zQq#76zrt~d<4G-Rkr50UGZZg;S2p4>>X=8sU!P@;#lTZ;04tF#(QZJNrF_GezJv05 zY=IGFgZ#I>COTl;6?6%N(kj0OHo8+qnCkud$k|jX!&{E(c_xOWy2FHjEL1u|W3kw4 zHl^9Mh}GsYT=8Rkbt;jUA^=aziSv zz{|Je`yHs(E(zv$(Qva$KzWgm`yr_C9 z{8*k>*8tMGe1rpxWKH=_d2kxnQYcua*n6tvV2B9{ShN6;F&Iph_Q{tMWz6B2Au@)6 z7~8W5LCS{|z#B-=5L|K?qeTiSMHF1`Q_WJ8TY!kfFgnoysO5O#W{&wV1Rjd%wx|40 zIEAyJ`dc~syl@(%UQOK*=`O2E`D6}s2_S!-oE_Rb4b)Tuzz3c-zq;*SzuW2W6e^!5 z8AEQB5K)F>D5G_}Zd?3c$KWNN31sL7E`|<#;{!NHafrlxq6i$vbN>S*oU|a#7*p%# zjE@E%n(J(YNQ@Zb^bQDOV2lZ6?Uwv?9M7%k`xXlOVU9@>3w7Ptu5ECs*5TZ~cm^&O zF@vA9XLi_n1`alXHqxJgSDWDM;Ns$!qapa=^JmaLM}jHZTuy;6Uw&vk1Ba$aOZ8q_ z+HYa{Gg_RZv3ai-fBD^?!PGaFn|Q9#V#xoaUmuk~3#;xmNoE#MNrqBex;6Q^&{DZA z@wD5VCdZq`y1e{9r)5o+*Go!N(+TNOLh)SSudP@^EDQTOGWn`ArJ{Bp3(C1*m_#if zMgWXSG83LG%|+Heg{W~VUBt?V;pc@M5za-?k(A&{o0R;?p^p$}QEq!K z96ykOD#o#8ej2dw=K2Pb&<|leK_tnjpCeKS9ev`)9%e#z3I&`ZAyrz>KQhR`$)HIvrE=4ZzHAu>5ivFPu!e6E+)^4+evQxR5TYB;$$%HKt##Aq; z3HYd#nb%yX{es!_Ct3Gn%K}n#tK@6EXIJ+C9y@JgDk}=z*{f-(suowz+bx5r7!13* zcEqO2X?1jZp~+0Q%+9tph2k(_R0&xyg9|_qO`1v1na{G6 za=G-%IAp;M0x%*7h6_FNz>}@K>;Z2Jgc%a1K8Hn65(E;LycMzDiw?@Qkxy;22*_nl ziWUL1G(k5{{;U8lZFdwGE41}NvehqhV~XiZU+coziJ(*=8ZXUCLO64E_Py{D~k^(r-|;Rc=01i zvQ)nryFY1`rV-+-03-21GnOiMIOS4MPsn%id6KZVn9d*zrt4uX+==-X2`yuv5;8o*@7kz%gYoiiFRj z-BQ2IZV$cZ))2Q

4l%Kqhx16{icsuH91m#FZH6I1(5yL`!)gVa0MBxFW>GI9UM9 z(2TahF>lf-tsQn#I7a|;X?_!P{gI0&uD}#v@K3U@q22?KL9HZ2WO;Cgi)2ktto@Rp zafhlZE$i1ZEOS_uxSo+@gh~-!zTZTYGf1z6K$ooUr%C7=e69Bpo}-vs+k9eT@fT%~ zuq^eZU$3*dEberq%{t!)Zxkr$5G>$bbd={%0MIy;Rbx3pZLqEqtfs#c{D6f@^O1l0 z$dwYVFx_A}m2P`E`imqZVvscOGXqz825z{_U-Z^e6gBz}^#R)6!Oy-EXefBO7 z&!qE0TH2R~XL$oBV*tTVmzQU%1x)4ArJXTCJn`=x{+|o8v~S8Tr;tr`ovNlgo(ef& z)1mogEC)^(FvchfHB-yZst}Ii#<)W@%h4-!(+C9&h2W#6q!@`UiKc90nnWSh5LMil zmPVDZ>o^Ap%!f*~5|ChYgd(`OKtU3RbO?G~^)*EVi$%8Zo=eCiW9GxIdOwCZ$_Tog z5=1$|{7W9E5kh<`UN_UMn%T|g2jO-D{fXVzVRx5o_ss9rz`r$yzmRLf+U%~@l4@qB zHqd)!bp`v0(br*gn`rmU=2f8YgUO4`+*j|PJ(I5X8GzI{`iV2>wpvnSg-(2*YkG*Wg$&$GaWIwJ zy*Ls+hy0CejQl`>1s2Q@rEr3bJ#a%XV<>Lx=A@puOid(6IO_sree_|9JKXAz5*Ydf z(Ig`Qq8+Y6&U>9_#vt;0o7}!qSe$VdGy>x!4spPZjA?Syyd(LBeww5i*Op`w`Z9TwOz6A#n2>~g{7Pid5t4d4Q;A7{Oz+s;_2a`2x?<2yMJcU^s#ii~~eA zw*de7O8wl@?&y=VEpVEI=uC!z>V@2VEd~Txrvhru1=OAlP#riU$((n(Ca6>{05iA{ zZXWbohKUq~HE~I$!wR=V>sCh=>bs;sE$K~E6^v3Tag-BTgzAbc2V^D%s}v2ZR0>`# zCr~lYOm0x=9r#NE$7386qBgXk$T>{$2WP4PMmfyYBAaC_As9xvtGy#7w2#xyrX0XZ zY=$+c<5UGnwCxEHPa<@|U~s(!&crHll)*^7IG5vK-pIg*^fjE}XrUd%7KlOs98STQ z7sYy~D_^^Xb1O&V-&-#Qe5kCYpb;}^1vOt3 zRxS*wmM=9c!-~~G&|<~XV8OZN>L4jzyEN1+4-Rt(5V1J7l-EfJ8y3oPdCU93k|2rN z*0+l+6)>zbL?5|*^l?l6d%^#>JUmkh;QOPqk9KuwO7Tz1s7m2Y3?R46@@UOC1QW#a z6-xx}a8`PM{ziNi>s!9nX7yeoJQUCiT`~^ld~FiJz@n=Kt5xomI}4fUwb=U?!Dsni zoA}apNB3h6`Xe7Pbt)Kz$}F>n!K}?VHV4F{@7l7}a7-D3AxOqnJG}JAR5T$*qs>Q{ zNc)IWC{$CAkC6y;l|yH%0m3}YanG?X@`H04U9HEmRU?J%^;?XRUbh`xfZCM0>&~ay zh^2vs#}OyA1UbOn$ZmmjYhUTmSKE%WAb&%~oZa=-GME zyD8cVPQ9Y7qwbn3+L{DlS@>?XEY&A}?x<;-=*4PTs#|$*P1_I`EK#)&GL}R*zP4#6 zLl!saxXf-IxG#Aa%) zV&@dFVR97c`LOfm-0 zr!=7^@=>*p;?U2iT8GC)+A105^VyGMe*`HG+_-7o_P+(yXEs~u;DB$_tka8^yIARI zC*tjfAfDj(Q%zA8Q6B~(6rN8Y?@w+h-m{6R9SDk`A`r2OXnm&bCTho*iL`t#q#)71i7)vim8k!eP;u5%Amzpv=oMOoms=W_JR~btcwdF1 zwj*P+Rw9)`HqDXZ0CN48f66VM9J4dXrftv+C17?fI?g-kJr-+4$n|BeQd&6>!QWqk zUc0yBcT14u@qjati^Tb8Iq*s?>1EP!+{u;BxK(pj;LQ}E$l%S!kcCR#4632+h#yq6e!Z<>G8u683QYL!3VXvKSY>gT+VX&1;fSeQ)yeV#Rvk}u>sDzB z0)Qzdj{xWdv;}!=4z2(@tX~VRagq$d2$E%-c4sbYIEE^Mt|s^_$H#21s+jf?u1>sy z*kq;crC|%{JkTPh0aw_~@t)T)$GvKrB8P#?F=rnR72p3GZWNeKM`m^v`dg>xl?Tb% zEh=p+4>>!g5jy*DxTXI5>1>O0#1=ralr4@h*-{JMRzBsn#9}3qo^XZ}F%s5JQaZQI zs&PUBle;DriII3;EYkmiqe!Se!fuKeCdC?2ZUAY{aX1ynU4Idt3YN&lN=AGnQ8q)` zVskg+HG%CTAs;(`X-&E`Gfz1T0*Ja(kNr@ERpZua*Sky z0yz;iz#*!b)bj2I9@}8^T?SDdg(85;mqFCLt`0CSN#!*iDzd%h{*()r5I8~L(42nC zrL_Y<_>U+OsR2IvAGbibh~W$eTrHE?oaD(8O|h_|novRf|9gEQf^PEdQUd~!3MYc< zR~a6k(`+ivIz<#okP|#dF`%+nvQy>ySu8xpC0Q!WfV96kYc(#>~vI;;l-}y{)Y!YinNf$cg zFht{vBqP26Y2ol*xeS9O{+CWPFI*NM9RMHORu&5gXg2a?I9E(H9~w&_%x9?f!HY<8 zBJ;$GW9DYA@Uio0HWEgILQBpjlB95=PE0s*@Iai;d7Ic-8?{7a1zvrdyD}4{$P4XQ zfB>^3L}t$9&i;`KzEi^|$2COc|EGYi<%E|oIyr{E#E|NPMn1=aN*6pdT^oXP1jAnl zX6PMPSo7|S@J@q!h3N?fm>KIh1%QVI#2A%=*y!Z<5Bsj{~CNF*tWk6&Hrb5C5$ ziBP&;Uk7g*unQ*mwGTD!pueuPh zSvsa*6%s3FLwhRQ_@{w-d5wdq zjNVti4_>Bhnzqdzj^dUO%`GiY?}iE$Ek$I8DHUD_dF&*ZCO5H688@A&tc?`0v%Fx* z#I3OVmBG=_>NjUY_^^D`n18G?*Jq0(yEhkhW)5BPa*+xz54V1TDGILjxe7)W%6s5q zs&V4OWNoj7Ng#6SD*s(Vw8O@wa5+Cz!G|D-v4#gh2Og9eR>l^8MZT4usRrz;U08Qz zU)kgPXJQTaiIu++D=YId=ioZNlLh^m&ON$>=`8=}pV%R3_4nc2k}}<)bR5c&_@F>? zd!N(o4h|G8S)`*x{<_enyV&so&vGC3(7XcLJtw^?JN>TpN$wTQ7QW8aQ^Qw!hph=~ z>9X#wOFe%%8)D_qQOoa_qan8nRAwwSOrpO0aH_hMrwn`I-+KP79C8%~uzI{zuC-=^ zEeo$6X(vzH%3&@-eH!9g5f$bl%0zAoBF$`fvPDowc^tx?zym>kG zZ4Hih%v^bv9|xz&4Dr9cCq7>y%2w>@Sobz5fs}7=f3yOKa2(<}4n+z^Ot1AtC?W|G zWiSp`%U{kWUNA*4_0>CH#I7o;pK=Kzx0pD=gCwSm zKrC|Luch$FjE*>-_-HPpOFEEJJc&i-qc{ms=UFW78$;pl28=Du{aj9 zuyB&;s@Kk?*90})nh)d9hcUyxezV!qe^nsKk~E2u$>JjAOnrDqO!aYbaY|es71s^; zRJ7pd#NbM0UGvmrW}U%L7uV=!2>ym+h9-#oU9g9)_%oO4f0MaL<(Hc&ir>c+GEB!} zzp3zD1bO7c_BSb2|6a)M#RL&p5~-tG^d81cz!c+?!xc0zjTF*Fb6f5p!jK{p&!sec z6f=V5+YVwuM}}!~YNaWcoF`{GzE>8?Glt$n9!D64zCyrfiQqxR0$wbMkE$up6C@x)aIVe^iIgFnV6M$pB7Ko!#Q!enS43VRNWHDc=txTQjvYH4p79kGWAhHE$ z7EF2LZ*h$I@V0f-LztMr2i*^=S{BQ`N-B<%C`xWb{@!OG;^JZp!0=xgW%7Ioq##CI zrbDvW5}j8G(WNO$q6HWcaiRi_86x0^oW?(h3l+tPNChcKvmw~&cDpm>gPw`YG53GO zBIT7FMXPA9P;j^V7Aq#u`8xS@QMY5Ay)R@O5&^?Mp1mIy>Wtwv5+TN%JH#rjcZn#Y zE&g8_DMopN$33(*K1Z?t*HXBw#*gk2?6%?ic?5XB5b8TqJk@oGOOZ|uU!93o_k4>t`AuJ9_KYzis8 zNk}L+d6I0R4<2aS$v7T?DVqlvUgIdbxWO!#TAQcnlejS>RLP&|)ydg>#{`&GeH|3j zFeus2yJF?l)D$dam#v|pJMf@bs~8d$MOM0Gb9P!L0M#j#Wbm@~C#Nx>I79)o?jW=L zyuwCv9K6Z|2s?4apb$xn;(6{hEZ-^zO5woy zog|^ayd1WztY^XEBQuGmStm=s#*sOWQ{LpS+|#?&wurN@H&0{!|80(f`Wh#~nswT~ z_uYl{_ZLb#44htGt736bg12IMux~JzVp*)$GCEKO*MEDFkUQ4-)_S|(cN@OF>XlOuzNT)7)CN7CJ4olyMnGrBP zh?Ce714RU^FP;j7@3iNXx9HU*{88o{5a>@KGXu-j2d)83QS743_ykeF)TMMH;9JH@ z!!*^ow&lFg=cu{dN#WGo?v4qUiiW8y*PVc^@H)ao=A*RLA{o#cEo7Q^EixeZ5i{#@ zVsVEL6qgC8>pcmcLx#Y`#ZO#ttW=;Tm^sSRIlK{dH5?5Cs52|V3t?0qQRNk+Xt3j> zm{Tw;)^5vdIz)jTV5xYeYF81zd^K`Gu_3Wotzoj&;Pkav-Z2 z$=_7>MkZ00T0Q!dirZ?i_Bf~VPJbhW5%`G1D?;H%EsPzM0A}IdGZ>o z9jm~zXAhFbMgS&gJOuZf#>Q#D{*kA(0o#LKcTe(xm7}G^2eHX1vIZmMTPk%q5WqTF z5DEt?3rFaIx(!VZU3=Mq_=;ohymr-*bs`Fc9mTHj!dMl;K)P6*j$Rcr- zLX_(%&V`7a!``32;oW|dTx0QpbB7y&bZN3e2$5|5I+vLzV zESnq#&xbH14DkD$9R}#FW{0W$z;1?T&sr)KIL$X1WhQiSjE<{ivQ3V{SU9U=rn54I zC`B<>+AyLVl)9KDp^UFUzeRb0Md_lJnse)>F6V}lz|#i^js6vm0)j&7X{Ha{Ypq1u zF&F~`=|YKn!B}y^kUCEN{`}2_x|7;k6ZjY$z2e-Pk;vLwJVzm>>vxOrYR!5iiau_q zW}LCZ(fZv|6`OTT6@KKdCGjM=Ro7(2hFz0|AGd2kgoEp8!V9n6yS#3*4(8<_w~sW5 z$ojqGwVL&dmwc=qefNNmT<1IHBCU?t8|++_FHLTPcDvo;zump< z-gmv7{$RViz1QpazU%h8-ND{>pnKn)t$H%bAo;F)=eCNS`;$DMKX?Ap63e(rWFzcK zwMjpUGL#Y=%M3`ziYb8M3Uhm}yp)xg8{J!($w;7fo8OU0;cA4!w;Hx@#3_$yXQ~)PYGJ;VXe>&u*roKW^6(lg8An+W=A^Nlho@0UN@TIAY zKOL8vacf5Bt^LqeE37W? zT&3&PyY0i5B8RxHWUlYPvDosqagFe(oiQBgLTv@g1MSTsc;N_CunSGLrG4A11zt37 zXCuS`1D>?4ydvPuO+&!vIGzyRzMSTUm^x+hHCoWp+dt&ifCWYDpAKIF?|Gbr=nAJ^ z-cQxRotL7S=sDPQA)tsN1EvN>;hU*eUD_q7RV5C~$V;b<14xtf zCD@P~Icd2y-L99{@bZ44n2|-Aa7BZ6>;{d5!wQwV zW|cJ5va7$WELS9CSs6RhtA!71+c^YlK8=U}VQwB>Kx?A#R5S>1@eyR*8Xw7QY1W@LFS zD7~L9FV6}RAQz)bih323*Oe{~V)nR|r6-H1+nqvV)LS}udh}o%f{h}Vis9S@8s;~wN{`2#41pE; zf4{f4UC{scw!7O;`u}4*%k+Of{B0Q|A&mgJR$IBSg(_Q`Tk=T7IEy0w7oTIkEh^p# zmw}Q3yp5ldC`3dQGGcKG>Cb3UU)ZyAM|!HR5;qotFP-`1>;HL9p}I!eb{kwt;-9?w z;wIlV*t9xhYnx5bb8)*}t7d-lKi&1{iVqs)_7CuEkj9M3L3>(O+ud24x}HE#b|UYM zHtY(>Tc}$aNtID%u_&BF9C7Qz6AOvFmO;W0Ks1W~jK8P50yo$Aj z%WbP)(qm)1IOj;F+mxg>;S%dDJ~Cvdbl-$olvqUDfm&Zy5GBn<5e|Mv3rUne081{! zc`xt>7!7t%9JuQb2Q3Z*Hvlaoq?*FE*PB~-sGgpOd{(aickuh`XT|!z-5(4J>;GW8 zzw@;IKgJ{c|L2GijOIwh>UG4P7ni)&r4j&BD^z2(AHOJXuSDO{9?_TPNrvIj;=a}o8LI0MsgD6G}snfM!CYX|@{p8<{m{&bjsrOharPmc;Rw#`eW`)d;9TMkx(U_*Z{5wvX)($Y;f zS57j!yW+|n9k(TK5NOoJ6c*pFGywu_DYnS9v`Ct(3u4`@j8C{70|9^R)l_D36T) z&`OQSvM<7L3nvVcxOJkALg{s;18^)eFHQ41WsH7A!3a_m>QH8R1BQ|w%Ot62tDQ4k zwY#f`a@$mp7Cv7} z{uj<7*TH3hb(~j5W3W0~#?KRt`Zk?P0G*{y5#>ao&&+Q_DxBiY~dQ^ z;RA|=J?+2pOd=@{cs_r&^u(^zCVRxC)C>OQ)F*fN-aq8AI{$ zL$3C$f>T4V0;Gbg*DDH#3IH{(O$FC0w6N)bso)QB9;%(!u4p!kD;r*KICRKI)8WwP zwJL{0eQYuuy4@OTx{y{4hl0@g3phdyk(o}iClC0!SAqVQJb0-3tNCai=*eV6(0q~d?or=k9@6N25!7re^<+wJZY z_5bef;7R{~j7PMaZqgtyw9JFWX`{y z@Q-aPiNTjI!zBe7oPaN1JPGqGi=wk6!hzh?s;iTlVj}Rmd{ELkB&mM>NRlk&zfn9N z+EM4~Sl#kX}1_@b$?*y~lfNNS#rV43V zT3O5vR~m~>u%(>^m?R17v?-l-WM&X~AY11HR__X(TrpYl?3!P`I7vFi^ka#zQSI=8 z{@ss?JU#!0Pb2-0-Yo`jh5py;m-N5x_MrEq|2@WI^go?kGq5sZ%5kSg`;+M=*VFz= z?m+($#CXN=y+-j}RlED;XvQyJd|TM(p~kfa^NN74cPacWL#w^qE=jnuD)t4BR5#>G zvO;rlVHC9sr4xp?hNuRhaXj+V`tx<4M)F@>)%;NMzqeD8|2y3$`~OiMBmdPF#)iH* z9mf+e!7Nv6Hw#VxfMc0XTx}dG4j7Y>)86vUk$6;^{c;DIezuG6>eX*SQDqOTf=qvuI=*$Ab=?x z;RrK~lyrn)m?tSdJ-)m;IC^_>+FHXuY^e6<^bQ*ax-Z|bO^=8746DSBLjkQb!f}UA z#ovA){-F^gTpKf|t z=$|DUmIeM*B>%kMsK2U}?tx?ea`G&V_-m+)*Uf*O@K)%5@}l1d)BkpM`z8B-_euYI zl*j0Qb`t3^o~-Zl)d1RtVU|r`Q`*WKRO_-`mhoW?yH~eaNDr}|$JWXZAv>^uvuFtZ zFxmX`d|t`45HGs>I$QaKq=EZUei0fkRyT|BXN)5xyV_y1v}3;K*D=-U zA_m1MxyD*63L=bRlmA&~ooH8PA_9O01g1#I0L#Z+xruGHH!!+3P>a|HpXB^8X&}e|sq?+y6!kSJ?mh+Y0;NE!M>TcWd0y{$InW zx7N8oqfu|T;=YV}n;s8u)USxTGRQQJxsnT2o3F_)#TCOwPCEL4SBh%VozcYlvz~d8rrp-Ie({)R4$0|j z{(9}ho<$eMy`1_qU70`BQP0AX|KJBc*D_#N%l|tD|1|LbZ&%#^(0j`N^eE5L_#erz z_ZRq6IoEu#`KBCvck}B#>5FSWb@P9o#+|Eq8sEna5UcdRZgKwi2K~X4|L0MjI{oj% z+38nM{pM-xXnnj)h^bm93p$|S&P9sc1seSZyd*`j0JXeEt@B?ZlS2X3+KFlJ1`{;N zAX$myiWY4+6>XMMxK^qg^EB3qMg=nYZT?n*)c+iJ_tR5&mdSrL0XkQbJ0Hyc?{{~L z`d@$hN&kD4r%wLs<3MugfnEfl$y!pdrz1=mNXC_RbqmI!s0k}h7jYRXozG+3Xmi1c zR$l_PcKcc~JI=r^MPw$@CNq3jtcQU7^wdR|68p;0$&i}DD*emA$=Bn6uD*?G-C3Jp49s%_akH{~AZp#SLb`)NSqc$@%dw2XEfkt$FWGJ*&w1 zyZ4vJS3RdhZ?E6(4cgsyx6|u;E#TghC+{nj#H?Y8Pcj})-8f3GPR`~#E@raX&!2_H zr7jfhSJ9n^sOHDOW@o=@>g;DNJY7J z;rg=zI=3eNpn~{=0`+^hp?*D=Cd9hq%R*0!-Haj<%X|BlmP;X}Hwg(PWl%hSO_G_6 zRgfCoIT~xpwzf}Ji+KzGa!7;~_+W?X z!{q-cT8;i~6LK^VH_vTxvqoh1^Sa3H4`-)W2k$R`DqY7X7MCW1x0%p2cO`vIYk1lG zH}2>=dH`3>|Gm=w@9xf1{)b0->imDd=&`>S510}Yrt6-@zv2A9lLu&}|EE{F|6yn6DgW1_JZAmRXVyJ?gKKP ztGqzw;|f1epK0ZBiO2%X6J-L_4?xjDaf9dCwH*YR}Ik`Oi$r)o2DOl@j*%7W5*T?iA zewUqwewUqUze~B3SI7VF@Xh<9Yz$Zcw0I zW2&rX=0AlW2eH7?Uv4Jd{}_+XdQVCJ6L&jwu6{}g{++Mg(OD86WGoR^+&#$sU;T3a zkKXpqQ~r-fd6fQ#X`cI39Ac*cQUJjy%8-y$V)dOGrT}RY0%+I*B;uA23fL4f00{yC zL6D)al~Ei|l)=b34MccEAXzL`BIW%e(-hhlhCG*N!q>WYKCjH*u6<>_syj`guA0NK zzFQYP>bqZ3SO^o;_t{rph+?1NcW(UDfUGNIRBJB{j>X$w>^syQ)o#PRGqP}#&!)NE z(Yf~Cv1&CXUb@%5d-<0oFf74U^aW~8!ttat?<>DxjR>l_nO!3wnz~C$UaooanxeH! z!EH~h)OdY zpQALw0i;e%>%CQ7ZBNbMr|L@id#lp6s)QK9flcXg0nfv;_wN~w@b8e}BtAnVKrw?8 zl;?+#IgroQ`lnc3FNb+<2X$jZnwdAUfrB|BaDuExDyX#zi_dP_i^`t7MYDt~?z1y9 z0r58dX@E;JJ)v&>zkAl7{8_dB_lo)7dxM>)`+pwiS!?}=kv@C(7N+%UK3~Uhe7i-z zkUZ!fR&Rswnrpawe(}yLdHFcxH?W?&v?;IZ?)TfR?M<^d6&f>OWfFrKA`_HfnJrgu zYds2az&0zL`SyOF_WEybI(mY%x6%k~ad4sU9Ow=L=<2YeLDmTN>DqoGJRUlt! z*Th%S+u*Em<*)Oy0;UG(LaehrpTc+l)KA^|udf!phvR=M*8g5_XV5LK|GlUDPmlAg zz5bu5yJ8I?#RZ`ioeKylLN}d#M%vK}21ikyq_nrH&DG($j`Egj zP_r<+A-o4Pg>ssC3VRQ@=};UgcgUr)uoZCpQy;K;+S=|U0hhoc&DcCpiWqtvf6J{LEPCI_j-@gy^73`E z_|~C!{nF}4R(rc5Qqzh>rIg)9qOyp7FqTibDgZv1Ce%*BZ2>Wr+oDW9iFvipp9SgK zf?n46RfsBEUgt2y&f6i<7ij}fy6LPSI_>`zEEtc8sU#Nz4}S^}VP17(&)ern1fR9f z(HwJ0P$|*z7_@VAYEcvqRzp9jAzg#0#W<`Y(EH5H2*O7#l4Y^+nSiH=4LiHcd`;Dvay1h28Ut)^SL!EU`81(Rbpa5!8I;}v5NERyBC>jZO@65#j@DGb z=yY}aG-s@pO%+L2HwFKVecg5bUloQZ!=vx$1zzR<9rO$L|Mm8^_nz|qKFTBfzporG zFPkE8Y7f8i^-5Q70Au?wAW*Je8TY^1!>jlz6@c%}&+BmOn%-Wg?)~_D%OG?4@>M;* zWjdApisdrR_kE?!t8k15zVp0uy`g&8pK)tFXgG`>{>>(8|htj&}(2`^BD0+x_r z*@UpZ7CKp5LY5I12uNINvG85DfT}%%ESSD&8o1Y{s_{1!aeRY1hm+Go&RDrN_1UCz ztSI4`jVVz!|3Zi0AD;3Nc)u2$9W}7f5>Uq)QZrBrEq@tEjolW=p;wMYN#+=fU+!Ru zlJf6rW5h1UXHV(6D3$<68c`vL$I#*e>Bvq;r4PAHfYVn|5?t4QXa_hX?pFcvrMMU) zH&Ddh|yKE2Z+&cU!8*3EZ^SfKg)+O8KDvxj@(jh)B3ohI z0u^SXUt7pA`1GLF;o6j&>gwNtkCswsEe=`=>ArcV#7nl~pf)vCG4W%#Tx}TCstpYn zE**PeJ6WrjE~lg~6tB|i#a}+HUr+1T)B4p|`aG>)PwUs8dHs6K!gavBdweFmCrtkA~9<1%cz8?p#g2ETJ4a-^Nl=OVB5D2O9Eqj6Wm!(Y> z>5%uv#LOkc*%L0bT3sxMmiv?|*{*obsM?dPo3rVZ5Ysk64B{A6Ic@8mu2vUSeMMGp zilSMYPCNR{r?0j;hTs~Zv{kW`Kc4@%xx=`^#ch7v{_gw=H*)0YDtGW_!yrJEzD+`% zhsl?LB8HgeyB)T4j$rr;!3@2N1LTRMjMm1zlam98%Z`v05<^)+MEWW#T8HA_od#aK zc=03lY66)|r4$AFQ+5CCLs+G;sTu=?o0Oy;*Z?vB+Y)nLE@mcCGJ+B3na#?8BAM|e zpG5g@r|(v=s>H@XXF__q_Tk%k>hwP{g7>BXuG0T@cS`!-&i0f3_bAU=`X6VC2TAq9 z0e>60UN|Oe1`r6U+)Lbmfs~u3Uo~975TmRg0M0-$znV|CI}|R&3(T0vC?r%CD284I*9O7{>6zyT@Ckho`Lah!~Y7$ zA&w{C3>Vafg?w{k-wacdL`bDLf+<$%O>2j!rPCeR6SQtXXeL(+nI}-^dlwO!2SJcz zF%!s`$|hA(t=y(g?Nceib75BgtUGLc(Q=DK$9m^yZEAFL)r0(VU1Gk{Ec!F(xpn&A z9j|lpOx;wkY^Z(uM)BTT+@~rLuQPR9YFkwTYe4-RV%uc z9HtIZaTAly0})+rC0bzox3#Nb4Uo#@;-rl+k?QxAE=K+#*UTkKhk#Y9b>yUYe6?fU z+=2zQ;IlcLu;Ea=osxtlK@z!xvkAPPE-%k6%vt>9NAdL_h>1@q4W@`wZOT|mYmS;r zOf;ty8-J6)@D+?;93WzF;KLF{qjnZ!-U@27aR)|Ga^uVN|2|IFxnc6_scd)Jrd0IX zNQm60*Ch0mH|6Ba+XNf(s&@TRH!O1tn}X$ix;F04PFI0MOH;k2lt(Wd{yzPNl{h) zLTn(P!+4@|oz#8R>c8fxmC)8YU$ulVb=}Zoc1hrPjD!59qGU*V=Lm+2gD~W>U$bG|SBJXGK~y!qA(R>uR-e9xGaN1C@Na^R7}d!YE#%xPZYC7x zQ%xwu7}U2>GYASU*8R$V7dfHH2$&xxM)Y%j+<>oNTUIszps z4cc~Q1G!=9W<6-u9 zTppgasv@HE5_#tdcA2)NI zLBF!PpkL*U)o@bPM3a&2OL%>=?lWIlHKD%RM4ED?xiBZ~B188iY}`Hp>{6y);SVVK;FN^dN4mPs7| z>LgDtQue!f*<~}SI@{5c&+#ihEBt>@?xWt#4Y*?euQ%uy{eOGAPw`)m^Q`6nb9e3^ zBofT!yKf^VjIMkAmm7p|UwerqnBU5tV%?o!^e$I|72SF|T%=|lzNgE-Dpei3{f6fQ z*7Od2y>+i7|06u=1XD;@=gR8Yofd#q^1r`RlK+FJ^Iwnihzs@)rIfZ=Tl!=H3`k;K z_OR^YZ`*BJ+;~wkOrA3+Pa#KLE#ALuuEaN+2@oT&T@pLNgY;JKVqM*kEdLY_xZ zWvg`3n&7RLpwNMZGN)7&ft!R}M+pqYRn==!sI4oDqaU8VDP%68_+)I9m?1KT0ix35 zlo0_$1g>#xulH$t-fIUjZU=ENZsVk*FA)|!|5t)z;B5i#7O-zklv~on`-(?l|0ADe z^54mmeTM~LmHgk{-Yd%gz1~y)$47bOM2@252K=0jkW#+@OTY+$L~3gxirdR3a%DdC z>l~WB9%z?A`_QgrHQm-IXkldmDr{R9<c6fZDZw_|pq z_`F}zNb;%@9D42%U5aLNL=KZ#Dw6vDt=I0o@G5sASJSoap669aj1YrPt5qomB*_k^ zD7ZExp-i^7Seq#MH6ng-oA_1<_&1l6QYqOatGW;6Y4up+StkFL>-EkdV5{W+POq5% zcd*-kivNC;$JYN<;LF;ozqY3Ngwx001q&^Y=MY7dm!`U0t?%Dbmk&9V_CcCz8LyD= ziAv%>1fG4~!{qk=^2KYxG%du!%&n_K%CN0t&6Z|dhBAXOoS@JjE!@K<7kSq5I^)Pb zZ?x1Zs#x|K9EPw~O+Bd+_A{d6Y-Y=HpK(j6nwXzNhym;h)n7-vzm0Ka80!eh)OYMP2MX}5ks61phQ zcpH3tC>WstW)uOM%#g6*q~MbyImRdoso0!}@C-8)a?_4YF$Ei=g&5_d(+ge}#}nbn z+HAK@#(+p6DS-q@%pi`bVhHgLGjM~Wh+Byn<#cx7s?fE4|AivG#mcUF*hVRA&7!Hu_xNB%J zF{Z?%x=g77w^DxJo46R#h4DNtL0Xbl&&)(wt=W78YCc+w&IO}V3OSPtW>+&umJ*uG zYALC--Gax!>Z>Js)Ze+*Nl+TW00Hm6J>Xq=>kAs)v7(4C?C7$DcW`xQst#d0{9L^g z+Ljx{&KRyf@onwOZq@;g-96b751aUObBk$1K((F|%h{BYBt;}zfBQsX@y5cW1g3j=QF$zrBSk&p?u%maSI)lK7V#2tLp(nG)rQNYT$~m z7iev;ltG5ZStI~gLB3E0s$kp2#}G$gLr_*1I?JNSI!RzQ!1=d!YCeMMcm>`9)bRo8 zhm!;J8pq)Y;?Ff|q97yk zoDxHym_G32yu5Y9T19&i9;09p=nF;7&--kHAu_|UOh+|Cl=3MK*;LUr|M)ilHY^SP z`b}6uqN0&pzSK3-0szHxotIWhz_a%!M@kL|7yPg+4hjR==2aBcoa<#Z$oCh==U4X+ z_5LBgJ-GOJO_-w2N}yL4$CvjF`0U4~1Q3@MIPMQn zb^h*MVZ6Pb*D4)1`D|rJ&zlWkgnm4GUvA>`!^zRf!PSS8i<4Jxj<1f6Kb#yMUliJz zCpgTTa<1=ipd6i_d^kS8Iy^W#cy;pTIVMRw<14`&5)4O?K7$Zp%0My(Gni6c13=5a ztrJAF-KJ{DneTj-i(AOgV5;F-&dQ=MSrw3(Dm=TJ1xo32SM6$u+Feow_BBan7HIRX zBDI9w1}{=rV)u*V;HsmmA+Lm2b?H-)!eSOyka@ERtwN=9cdIL?EH}KxkLOFV%O_LS zKKQcpY85}!G(z$G4QE#CD2RULYO36*(4{5UnqLkY7SFoHE4opDP*@16)Lr2=^UmZ> z4^2^k#|zP5M}in91XRsSZy8a<-zc8HR#&K%9Kr!X>^PS~zRD=55|GO07B*tdm{{ZR z+T7o!Z~|@9bTe#(dS?o#fvd=MuO>6#w(uBF-on&r!hT!Vid|-TLo3V>=M;KXEM9J| zi=y&S3?q29a>qX6^i?1;ATG zCWs1$#wE$n>A?lKI6QcB3??W>1Tqu?t`gvQoXD>7k|xu)z7ImAk7)tv%U2R8|2TZ9 zZd(vruHyEElFs2~qOtE?umHUTGMA0@s*H-L=-gCchUs~sl(NE_)k1EB(J| z65cfgXodf`+b_lc?DhKnC;#tbJktN$x||}ACZTlaVuq7=iT}6VYU%(^ld$$MnDNib zWU)d-72oCgSC)B>%GtNe`_s#{iOQtnH5OFaLY6I7`qkD&ysABd69GAblq46*l%2|WeO|))+1y>pD{0+U|J?u&OScSTntSTZ56AKE6mhk+ zn!Z?YROYqUm{9f$X49W!$$~OgQ=u{^i52z}#_9-OJ4xk{y7CvntTIVo#aD_T38r$b zH*YJw{N=U;HPnx0yxYiKTaCIXYrPnPfBgCoZQ29@K>xZ!Yu2AKM~Vucd4pqh)-pFY zik};JnBVKZ*?4QJ{S%Zzg1owm4NT4<>F(1}2PgC- zrVK`r`&@#j-E0cX z31FJ?f)(GaHma<4Yhy-xdP*>wEn2nw@jjgp7@{(NWafkYNxiM(kMieR@<$oaUHGF6 z?W^%e8I_zrD$rb;KT0qf^G80JZ1Du#>F<2H_1t%$+->4JpuXa)ckr;Myo=y1=DQ7G z)nEo|E-Qr?kebEC4MGS*VS>P@hDj<5)U%38faZ*G`~C-U>F&ca%=59V{Jj2%R)JZ= z@@VAUD?0Yn+kCS>Z>q8Se-L4)vWr?j@6nculMr24sSEAj_t*@yveD|l?-4vp(j-bI zi;I*X7#=1uWd!0_n$Wc$?-hXvkvxHm_4BrkJh>ac($m2IN7x+?0j@g#y|-J+|FPSD zI{)`5kJuJD6RALr!%rV?aU6cl+Q)gcnM}1Wd~|amhWV3f8Fh2c~%5{;)LGAHHoZ?DW=^WS|^3I7$F0t&b3)p*#hmXoP{;C?(fq4UoHQoTj=5PKlOII{cb7$ z)861o{y)aEH2*7?RBi@X{$`eBF*`$KhQ)OV6#Oe0$sDkl0+Pk85gI2%ACFYtB(VDRStt?11iueDeoj$%T-D|R;DNN2N4>Bg`XS8r4dUQ;WY9b&g zq}Io4v>1Xkf;i@*TG{IPyLXpYX9pJ-zq~s?dWh!LH=iU4^HWIaO+vytAA?0TfS3=ddD!#b%DK!1=ycmZ(*xq~LH6Z0Ii6_Yt27Gt=p_Hr>uHivRM-2%Hz$Wb|Mc$t z#qrhI$?1=`B|zR#H4Sh)X@D+GB2tH_ck%Acxfmqxwn%dDYYdTS@bKMvDV*FI9Dyy*a)*cz^lR@#*Es;lbs}yVC|Bj|CwPGB!mq!+}`ft6MlYdV6wu z_5R}c{Pf`M5>_&x`EsGWskPwlI@xQf%|9#=h0ZZRA9$S+jyrU!@$~#a|M`c4EJ}hzz}vW@ssWY=J*t|vz%A=Ta4;P14)%xVzx+SYnWu3_Q+P>*$t>Hg6S*?9aP18;GYBD-0on%20>Ag7n}U|O=XcWUbbPO-49#f`81sg zCqzL7y)CPJ{wzSYr8ObX@cqg8|vX;~ovS4}=Ck&4lMOMObKoAsTf>j9_P;GT{1JDHxSOokVFs5x)u04aF zt}=?q)eVP_=*!*yPJe$N{PBl^jR;8yA6jOC_cl3?tpcgD3DTFlz5YswP3e$OHX(@q z7L{*blAg&4pLcu$7H-*ab0m2=AnV9b7Bd`~QB5aTm=XlT1@Pb7_Me4B{-?DT1Ai*7 zfReaaj1ne*MhK;#-_kE))UfL{`fm|yN#$_VCRuza*WitRdR%k+r?=^WKctcid|%-9 z{Ijh$e*wNPoPzzmZg0=}sMT9u;I|AT_ScFo{q+`osx~T%eVQ%kZxIYattGi{%VsOc+dG4FUQ?@unqbaePtzX3J$`pyQNUOt^4T-VnEs62r_^SNpt|NgTRbORcD`fD3~FrDBwVB#yZ* zm&DX-NQx?h*|2iG@hSOtfoPd2B>{tsM8NmO#+2{#RhiSQ!q)ua4c!lxkkcQeKpgJB z*x&AOggg3!u&uv%9U)6QoSx1gXmVX75dq6Nu6h`X1K|#Z&GqG8f7{6C^X9XY1A{-u z?_RfRP5~BO^2;p_zviMz0E})rth6#*UKO8dHgZ3z7de1ZiDetWk8GxEO3c$(!Y$LG zZ23I}-#k6d_J5Pn9kYP1i2vCh?3M3-+j)xrd6Y-S|A;YG*FobX22nD>LG#^OdG^}u zyQT!sAX(_k4pc;SG1#Xn$~3~GcE)g|3$+y}bJL9t|4c>xc+UN4#n$a$B&(i^@^%ZW z7@}sFiMTj}--bN#ZQTc5oxpQx4`sd&>J{>#Eo~M9 z%F%DY)6N7hztF===Ygjhvh%=KwDeLH(@<)zqp+gbWceJz642$l+sobr2~MkL8!@s$ zc)qtOgZ*3=h}gBWckBdQCth4q%+8rs=z-$^vE3tuyt*}BK?{=32q_EbU-n7%CQxK| zNRq;d4n1jUmq-4#5r%bwx47tkUVR0FbESa=zAypiffH&fr_Esm@$6Cy;;M1v^@^@6 zXB0Q`a8fm(o5g-}ZH0rW9nbRDTdY-2uB1Q7({TNN$orpndwcz2{{QYy?`i#ij7Ru? zRAZs_OkXZ*a>X57oxgy0 zY>LPYrU*zh#8q(!oP9WyN4E;i7JC?1-A)GF6ZRXzy--(4C@^J*jn%)6!nIiq2d1{k z&2lQ6UGqgUj}sz2jLUFZS))o}&69@e%Irg~nn<5s!2fh|gqc>K z7mluJCt6{u0T0bmwm8DXoo@QAb5O_C{A^G&6ymJpPRx(W7;v5}=~d|0%UhuMck~9& zaPiz{Wh16=RXgIRE?bpd*}$nk$f78kkn$XoR5dAMz0JBJG9=pDbm%T`>otieQZA{D=Gj9|80Y-zJ5Cuj=I*I*rSbQ)<{<_m_26npziJG5!7urC6R=|0@@8^Dw zg=c+nj}n+5gM_f3+_MKu;0^bC{cUe4JZ`90;V1Tzhn-Fto`_#89(B<0G7^CTyd2W- z`}zM=!25pAQLJF3{7-Z4K~vvteQ90m7_7wcU*RYy_u1pGhrzVE&kDz4pMBqN!4#{z zp@(4JYhB|w90JLrtr=pFvl>@w#MRVRcx6>QiYVe$-3E~B&em-D@};GrSFo}yt_UWW z8pVNoZ-qI`Is~?nulROJ9nOb#J#i96^JYyw98ZRz@Q8Yx2dnF3Bq~)AbvU0@R}sTl zRYeSYRh^b=MwXdLPKf;XnU)n`BPXu_w`rJc3Ai>#-VTr@W{-EReq*Y)lT7#~ar zm^He$254b;H-JI{6=|pVXkB1IGD{=G9O1j67;IfwoX5(DDbCA*RVm@VNawjy|5JyV zZmIk=@c-}jcZ>V~d%Y+B|D!w=`G3By_NR}|l~upSXCM`bT+3U2GVifhR3{&c((h7& z<~Ye@s=S7Zr)L8)%4?-Y`Aj18qJary;KKj9v$m~F6*E! z#F@afUZyRDTL*J}a8jprAcw@5ikh0#*xf%~BnZ_5`anX8bHA07b#1-uFc_2~hT zkiPDBDf}%%HOioZWX97n6F|XE084brBA9a}Bn&7^YBUArm>e7HG2|`Ukb3^Zw| zQacSM?JXOt>DawDnA;>9--gIv4}EC{Z9Iawvhb=is=l^TzsA$V{*wth9?t&T=@tF| zy}j-3ll}J?&$nm)sdO-RvHv89YWuI8ZRXMKKRX-ao$Nmg(ATp6BntOr|0!TA?Y}~! zt4y{E9341o*?)C7KAinm)!P;JUv0Or&-Bb{AQF;rOc5*zIngw|pZzYpNDw3_l6Ks*WBk#^BCz+yYrn9u zA;Fdu0{Ih9tW?$r^t_<$HG*=hRz_ge1Z+VlvjcfT*YX+FR8EbMjIvQ*GSoFZr+E}|I9-Fb&VupKS zvsr8RjU!1{En4{ZqEhYi@y{7Y7!!uTsjaj*R+31|yV{<8^e4e~vvn}ys8 zG!uCTuyu6zHVpGItF2<||DNcpef?Bedzgm>Y+e7*ew~bcucU!ACme3pLu%W$vc85f zsT?aQ5T7^Yb;q4;N8Nt#`8)JwuMyVB(C^1mYy;6|`5J>>zf|sTz*-oW1u(s5Jx$Cy zV2KVYXA&Jib+j?f>FI~5t)+QC*lhMDTN9rUrOoL4G-&HB&(Dte_wE-L5A~h!1EPNC(opPG($O1KJDDQ~7} zae7s$d6k~Stx@Aj-^*HD8))@voJL!%B3DIPH0hzqndt%;Eb*q2uE$lMCoYiIyGe}a zm;38X42BrIlE$Rf`_ z{bzst$IO|U@BetyNB_@*6rTV67H>{PT0a~i#*V(;uwe<-=v3tVJm6}=Yectc3?RtJ zl7g6o=u9k;oe=7nViF(x`fHtl)D{zK$T-H5=FjHbpxporzWw2cLGcF8(+Fo248A#g zJz)R+=Rm%K)1XLLkg!%Fv1*FKXWJCVtE*s*!fk}()x|0%`OnWkpkT}Mh93Yhl-XEO z93YipZv$zte*Pgzk$4TdcvpTXUXTCvS1`Ik+FQn~kc25zBs~Qe`um!qr>B)iJVegi zk@#GO#PIMu=_Lcc++0f__#WZanw|o;#7K?VT*EZH>ufR@pL{k264pwk*lRzT48j$E z--@KyC{;NVhkv9QZJ5KmO#WbH6^ns@Ed$xvO zDicJiWaby1E0v-TG|yDsZq76+a$_u~qvTp1fKl-wuUnx*Yr?yA2&%O9XW7Nrvu&=n zBDc@f{xA0Dra&pO^431t#=nm?r9qZsd8pZYt^+EWtMjban}qJPaXU1t=87^*lF`j} zfzlXJl#MVs&KsSI47%8q{;Fza%uR~E6kJa}3c=ge@~8^p zSedIOX3ChH9JLz5wgQ=wghXVu`v>E}yelTt?ne*N1mwM{ zA=(b#r-k&l{~GLnyn(Ab+x}m)@c&OI#{GYHI(8oY{|{2y+5h^Er)va~lo>#PuMi*^ zMBQqZONjq(0G^6x9R~c**Mv|lVh+;vh>{UqBT*X+RuNgih)c!hZCyr^3%C>|B*T=X zJCz1_lp`J$ABzSQu8dmjmygBkGOA|r+{Y;w3bqb(zL|oDpD=9O#V%$=(Vgu+Dw#i?nz=0q9h_a@!qnMak{C< z!xggIpj@K`wIy?NFTpwFmp1x;?^(8&hW#%e4j9j?DT*T!|T}#7!vMMpQ=Kw4l9;)1aPltEW`UvOsF${7d%ax&^9Jp*nl5|$L;Cv( zh`a}nGUCrw+VlUjARybA_7DU6_`g@l|L0C-kN%$rDSP<8ob(=I0LtaEUmD1ot%ZW3 zsVW=P7mJ8cE4ZVi$m#pE0z>PTjer*7LqVyLB4_0p`Q3#{-mOQO^81wr{x6r!&k0HC zosI$b@qd3jGxdMx@%@j7DK`GkCLJtE3LseFTNHz8y7ax2;e|MoF2!9k6_gtFzKP4$#-NEmp z%0B)-HsAksr&H(A|MMWFd;F&!s&yrn2sn>mW(&Jg%P3%VidZX|Is(N3st*IzDrmu= zU|&d;fo`bhg3v&!dYtldAox@C3m6Os_UeZvew9C!r`34Hb3Xjf;D1V-Sw)0%cFT}l zou9pYKK$pmR}IKOTWo*H20%vVm1Ffr_`~@cru1B12r!$P6m~$@Vn9pb>T&?ukg0+A zRDCugjQ%5~MFan*NhB4mJ4%2({NI_nCjXzglgT6he~8kF|HmOpGXO=*Eud>iK|o>( zaa=^-jt<^raD`4S(x6yWBIvac2>j=IQNVxd5?5QrVraaqlNT9dDJhOu18Gv2x2$Lq zsW0j}m9E|wNo&eYo{rSrElU0yZlc5b)}KX&lZO5O9;PvlS9gy9-lzXLW6#w8W{>Z` zJWT1Z|9=$g0l)>>Qh8}5B~ipLufWxwji0Y3+2k6o8m|AmCWP+UFb&p^FH1B?V z1Swjf58vWA1cPDvKmQZ{pD#aVYv@g;rvuJbemr~q>f+UlQ}DXz8we2<_fww!`YX^c zo&5IODf@-h`R%vEBaraRmJGLKkeC9TfsCdkUPU{QB1S%AN+F;Gz*~aD>R4s~^Q)C9 z3AX{oBnBwH#VLt5D5j%>|AXTt0c%Q=?DY6JBtbS>U>d^>W`lDqc`{0~<289dq~v(Z zIX8uIIFwk149iffsb9PKy_wQud9YH;|Ap*4{yBgNT;S-gIiU9Ne}6nP^M5<8`*{EJ zK?>*pa7)PsQXIf2+HpZ}es=lutLN80e{=Eb+0R$cU%$OLf4(p9TWVbTqAB@$m-qt; z&tY;F^2>z$j#cqB*k+V$te-h>>(_9{m|tN1u24TqNz#Pd@?9afd@iupSJ2Z?qF|e1 zx>I&(X@|iuwDkDv9su$b0bNK4SqCf~Z%ITMgpG=P$Zg#(t%t8$x9fn<=xccqG-9mn zV*YGbif=Ea*L?{~c`aocC?lZB;<=X>8&AIm@}NWS7Iz`3IwK0x6`~yJA$SUIa2zt@ z2FJ`+s;g6ScYzFTZc%zpHVI4-82s&P;5y!zS!TJ~R0~CeQ}p_4K+`Rze2Pt~+_u{~n}pPIDGTQT zN^+g2)X{&@^7n9Pq-izBo`;itU+=S*h4dHyqXAJ2at zq;UTKoQK$eV!DCSlGM4y`!$L|h?u?dlBuyc1KSLREg8P4a}|h;9BeivO{1)0OQ<#) zb?wzZ9_WaEZ}xcp z^B|>B|I06d-JkBKLPGcHeHG`(9-Z$>!fVvfUJ@9710xs*D79&R|6v+V^Zwr^NrW~i zrZ9Sul5NuO6kyN(_dN6c2ha7Vv&a4a5Jl|&Bw@>2rT?u?yUe+i%Do+emH4^kp0B_g z6tTd^Ux5tXA`8+af&p5SC`2i^g(+rwO4--Nol>%a^1M%`C#Dm7Rj#3V>Co*9+qYG+ zt$tHfC;Si`r9%``lro)3>w!dvqu)&!sfV|N9C5 z+#mnxyOsE_$N0~ODV)K4kJ1(5as3eqU?g5_%rmRTp?JoTuN3)BstS!7z^zKvhN;EO zmmo{Ge~$z(R#DZC?Am@Zc!@u ztwEKJt^`WAIo_&7^*J>qOoz4@`G;kR&HF!~ceVY$XygAg-~V@KWAE|)&x4dk`~NM8 zwi|RFLA<$EufyJ>FW|NcKHKXUsB83)CqsWS|3K6JXS!*2{BuBJnvy6&=~)~T%4axZ z3Vd6xuy6m*#>V{*Z|qDS?f(ZUeE)N~1g!H6-ebD1|J*hvFmF48MdJ}$V5JbjS{&+? z0)9=z!WHTf*bW04@QlP&aP2xsWz%b|87{6e@BwTlrU`3n>ZLm%aM`#JKi^&myt z|Ml}MI6(DVOCF$7mRrQW7WRze5PdiTUt)?jb*bJ}b)M#(qD`LTMSb|PN@Rtf==d0n zI%UD&A{M9>KBBV`4uWnH@mP_8s6udAi{R~SSnKFx<7HJ1G!%!$kn42*@okvL(!aFl z|2>tzHum4t%>V0olgIpD4^pc9-&FoeKX>H%^=e-ShHvNiB@Vh@dlUfnD2!ETZM4M_ zpO3V6U3Cgeie!n!H!F;iz1OIV1z^*a+{HcBVgL8o`J(LI|Gr;||Mwoxe;%aN?0<9T zcir=*k%!||^UiGM1Du}HDN8J$fqa^024Xmef8p7s1UUW5e}47L;3gc*Z@=m3?D$V# z*L?rA{N{3%Z}1+9_M#&eX2A%m7?f(Db3jd&qpWQ5f}RFri~X-%!RTiL?z8_Y@4t9s z&v~@}9;9gd-#*WR9n^pCap$MW1-yqR*scTF^n-eu_bUo*oX8EZJF5+*d03&o&PHq? zz^+Ny3`GOiU37}a^2aIN_Pkoc-^&NEkN;Qm|9g(}c>en!#lrt{&VR{%6#Tab z%QsyC2}*mp0!-3AZ+C#|Ws^IgUB9)<5_`HVYJTROE>=O+2ck>*99WYdq?ACsEcYJj z@cd6u+VFo8_CNdoqD}ly<^10pPy9#z{}4sz|CM=`%75wiwqk&U&7po}sBHp&YUry~ z*sFlsXzK|H>!bOM?$^O@WK*T;Wlkkf{;u4r-Tv=?_WMPv{2%82cm3(3{r@1Py#Fh9 zzxt`euD68x<)H32#;**vEORc2U{!i&0PJdgR|5WzBGxZ+j z|AUm${+IKt_I}!Yzpu3KQ`-3~r~IJvKF1!zu-|s{Bp#1dlfa68RWW&GRP8NFuZ4Bx z?K7{uF7{PE0Gfs6weme0>0U>W>k)VB#T)fOuMs=OW_o3q?ErdQpBUe*rTT z0;1lPCbu|5q0B1M{C+fFf+HA3x*R$F3cNruN+Cru2?^vm%MwOL9PCuSlCO?+Sy6q6 zNemKCM{Xcg6v6=tJaUSEp zAEfa8e}w`Phir>$On~h!_3F1+6eeHbyRgkh7JH(!mBnL{92)vSQ5wVOBBm%^!l1l| zYo8PjV1!21c5L5)k054hUQB^g-rO?FaX>;eWO@xwP;+Ye%8>++iA@tZzvSLVI7fgFJHAGjtzH+Gfv0AB=t6lMcR{L8wziexE*Op zN;VYYsK?-`rk#dPHEKs)jA*tdg!Z6LHSI*5YP5&CZ?-s6X|&=cUTt8qf0ZZjeT>pk z-h$zUuhJqB)*5F0;maq%yzE2)1@H~}HA!eH?;l>IK0@Wpck_`;X~kI0Pm=Pydn~4s6sOnl^Rm#`3VuB1#u9uq~aYcIyQ8X_gz< z-J9kYc`QQ9F8P@452J1kCDItt_awbZNQ8r34b^`DmG!aQW3lT0%s#p&2f!Zv-y8ep z`|p#f_jv#7K}w_IZl>8bXu8xt0`2V=g0(7t8) zZPgAKYtk`yq1XO=i{U^y+fuSpPLzaXl!>@sB9Oo=dr#6Z6IKffE9!Wy$|YPon4d5! zSR)+&FA6A0n~|p|#M#~Paxg7XZeWUGxVSq~38*bv60gX;pcQ~xq75P(+^oqqLwCnq zz-oy+BT;&HvgTif{jAx?GLmkR$+NSGb}oco^cLjvrz|IGK_+^Ii)JpX-= z!q0!M*Eq{vyFBcN8FLx8kv7DZa)Fd6-dBC}o}@QS_Sg4RtJ$l&S%LyKpDDV< zZ1%sy871lNCEj4l=eMTwb#(>c3`Ja#Ipwb94Wz+Zg!P{``@+S1ja2iOa%y#-=~Q4) zdq-l>RwOI>Xf$K28{rWfj55}fvh$rU3(Iw-ydu~?4+dB*rY&E)C1CxA?8KzWB>$zB zDxo{&724HWYM@$MMF|OOW>^FHdo%2NE;jj}A9vk@0d{-{n@EVB~UVDO_ zx6p%3_=}M-(%=<94l7?s6ybRFCJDu7?KIqe!k#zh=j&{jYCBXMx92DhYnGMzCWIsd z!bj=La(8NEwLX42;YN^w90T-AQ%|3g6pXSh4|U(h@D}0-E}|kJpoHMGMt{&675F#s z!<*uFG5HOuLK&iIsW7QzXvH?{}-3> zGVOlS_b|zI`~3dYVkc_wYru_aeD&s1{XJgBrNROwH#+LCYf0|N8XWPbG6i6rMHWAn zRg9u`en)6n5>iElx4EgIp^(>3MD63Rc!C8s4vP6Ontr%NX^KMxC^1HnCw<^!rHPLv zhzYIW9hD#r4RKU{*tA6NKyNsZi6-epv#;DNype69t!0eC7np*DRc%0pua>jWZW ztNIf7vR0G&({R#1X0h}Cbpjve{)g+1{mT6h|MC6z2PvPF|MNR__sjX$3DkN1nxy#O zB&IOBB;nbX5`IB0H6;LB%NE|hPN2s18TdZ@p0#V@^f{K+Jiego6LEJwIR%>599^_~ zkV(0%V5cZSDe|Y}1694}g|M5VDb2y#UpAeEHQfNq2-*r*5QvAqb9X4B%0|p{bPV!~%c#B7!q_NoLzswYI z$umXVNekF#|M{*N|2dnDALajpl#2aVn)Z9J0gZ$sP0B#2YFmY%Os}REls_2CL3wdo zRD@C`O;IRA?qe>Nd)j0;*3i(}gsh|g6B&~wRD)X7t+fSX#XOptpR(Bbe{vfp!90NBs}&HTTU+3b=3KS=qc=RYDB zW0T6yYP8k#d0mb3^S=$fo-bO9I?ujoteQ9PqrCHm7M;Ct1{T=*c>;M)+PVR?u6-f} zUreQjsI@SVEg!Y`&$8J0zi_=hK>iPR;#BVc`jf}={|6}*{(r@%{T`UVa@`KgHxG)3 zY}n`L@om|S`(^%n!KwuZ3L)hgdONeO+=py{Zq30AC-kqCSG=ooP37QjDcVH!^3zBB z7el_*H!KRBiQa|Q}*(I`5MPv#K7M3-^tW`|JijP z&wn4JRQSJ~_A@c<_a_GOS6y021BJYsOi-<=qCtJBmk{!+RZzgHj8FjYASx7y{Su=t za`@8;i%%SNT<-m#K-g7M6c8Q-#vO{}|D!dEHh2}26x~0LJ^bI9RNnvarnATVuMbk5 zfJ;azO5=?2C$R#+`!$NeVvC~?$19M);0CTxHad6$c&3nSn}{dmvo(q$u!_h+T!F{& z>IkGLf)w8(kU+ZDeur^*@C3wY#qX4Zr%8&I_yY=sTj;+IN8pDz+5r;tmW(8jpcF(n zMx%q#v#X!4C`r-56L2o_iM&0(0wGSbgV74pWBy-3{=sPR@AR1eSN*VF9kc(aKeOBT zxB#?(!Ob=SOB|u>;Hy#gJ~{Ymw177UUybO7{hOqCb@0^zr8ip0|99{NyoD(y+YDSh zd!8MPl9VtGcQC>sg2$qIO8)m?bejbvM8|&wb|d%y`FCfpUOa#K!;8@-ymuUp``>jY zuJ4%p-ye@3_y0qbC*XX|l&OfU{w#Dr!}-V^x#Pj#|8@-je(>bU z6Yx{%!@r)cDNVA|k>+OOG>tmX35!Vp2W1e#-Ae#iH=vZ&*k4B>sq(ku3b3AY8 z_(N}cc))Nm>e!Aw_)2CM0U-%)PzuCDAQ6a3Jlw$lC8@0bE&jkN({#t!*%E&MgAj+@ zU%A9_2+)TF1r&u~FdP6Jhd6+gq~PgKPdslnY1J2;Wm}XTv-*dJ2etw8Z3E`_9x%@s zFkc_AarXhUQ100%_j*(A8kBprl*_q03q$pi&cz0@#=QRsvB;{1V@yTwy=k}JdsF*_pIG{K(zkEZa^FsB z`__+P!!QKfG~&7-*;4RJ#Ek!pY!HA+0z!f^&cq{pgMb<=zvJ%k8+OOkGFa{Aqh_!s z<-wY2gXPXDgS8}SV7!}`BAMRKM)Jf$ayv0rL-M#x@}!yMHoMuKw_9v#iro20o82s7 zciSuOykW1{^qb!5jiKG>%8fheHl|P(DoA8m1@&IFZB9j=vPc;M<15 zu?&OLZx~KS?yStSo$@&N#yrTA~!i0m^vhS21`g+CUsLIA=+ciLr9J$vwxh$UV_9+gSBtmb|5F zj8(xdy`gu~hh4h!Zi0x_Z|HL!zZ4&O_t`P}?CO1<80#Y-X^H~M7KLCBU`;Y=vJT$w zX*-20@Aq`v(C<19AwKl%_p~zCj^6Kag;z!-xT)v&9U>tNb@9ZZdNFfFeG&m51lEMr^y`kw&iN2J`fBRcDMoP6It`BU5EPkT@P zM7NIwB)zk4MNbGr0JoGxIKE-MCJE#Il&G91qR(C@M;5DZ?enD8iV+`r_t`J?d7>FI z-q7vk;&D&roftZ+-_U1^@SF4&eiK9ZO*G->4c*R;4$9}tuP5Z{e zA1A%}<5+ij2}t^Qc0SP&eI9pQL*w~jEhCP(bj2_NI3^S?chY_l1KUmToJ{P3XI$%+ z6CZjHY+3M(HP4)eT{rvXg>f)Q1&wqaQ{O!g0^Q%)Z zxFt9oNRL!Zz>CW_0A~PZ8D23XjgN@iajUs@c0IO~bh;oOXX@^TY3v6&k;SI`|?TzD%!YJYf$2M7|Fht_GDK|7S zYkw>vV%%Fq_=boWYa*i5AB}S>qFD!2XR-tZc!>kvlkwLr0Q3& zO~9M0Z$OCnAc>X&NDWh zSKf4$F-%gDpfuXC1;0%I`an}Sgy|{|&Xt|+xNsc%!trdI#p}IUJY%zX<;~(53?L+d zI6$Rq1Xv$o1d3NWn0~N^{A>XvFwGEuE{Lr$QHKx6v}F*R8jz`Lcei=Ao#gf2Np598 zocaOLcGC6re;t`3Q_z+xNehW94EsWAS=(wjG`*A}3`J?#Iv)hgyStKBt-L56Y zsg2qZA9|Bg)=(WSaL4WI{F|P1bKFc%?2a49rp!9Mm08D7W}T8U+qciNS+_pVW(|F| zD6>v)W!5p2S*N7Tw(fI{Z-M`GD94~1`<>40?ANg=w@z>6)-mL^Q&Mi7dCe(rL{{AD z5>K(QE>1gkaoW^Hi&%Afi&e)Et4>L*I{lmm({aZ>kDK~zk*ZE_sp=R)#3@PDp6qz@byTh|m$hJOEw2 zL@7qX>&VzVD`R71*Nz1H(0e3GvXnv6N1~qrGIcu&FxM);7=gAv_Y~UmkvB2=Jk|T$ zbC)|E=h>OHKFOJMJOQ29Pe57cZR6QfA()T6u`!+#eLVXq1e1IU?x_&W zN1ku=d93xhr`KaL?Y4#{(FF< z(Ys_ljHnz4^Xcm->L*SEn|5s~o!eWba}AZw)m1vjWYaX=fh~`-gCIkRNUxG>x2u$F z6Fz|Ci4IM@N2LL6H=WYgE&-ujwr=xgq@wnO&GW3x6s>9*;{Crz8qrbM;WeCs-C zC{eDiMA^fOj84wFxvj@DtJ`{Be~VjuxYJfNm*==wN4u$qW83W}PJyl}m44RVjO0zrgeyiG*TCCoRj zNFo$$Q%rXtVFoG$3ryAB4AEbH6^W*JwL+;1z*qMPZBx+gP7WRJ-1qouSyxO)|=p)1Cc% zdX{*P+`}^HHU+eo{>d5|s;91bIxRHM{v6HHL7T?eTj4YWdZBK*L*MHCxeqRD>7Y$H z>#ds^s@X*Apl6=yvElw%_rX zTTa5}eGkIsBg5@A)`!A0Ekww))FzYx7~%K^S z?Ke4Mtx8AV-Wwh%SMR;mIb%+5w`d37etB|kIjWlXJ*he|r`M_NpgO0z*d!6+F)!R1 zli^Jg;Ux}u3O#vm_8UxNxWS_99Z#Hn`-$_3Wo}RU&h1HgZcoZ{>sGjKM&uoGZu5xz z#5i679Ov1#)xn&t2lbP8(s%NVtG*}Y$*W!f%&8By86}(I95I3m6mc=3(w~py^mSxR zGb>}V-TLi)>DRdPJ8Pak6^hQ6tsakFJTJ9|aTv)7l_G_YLC0HTzWvsi?FMk~3&7KI zbkNMQ0CM)E+vC*(=yL3ue5*r$&QRrE7Q@nUXWIiUrWSo_+E<^Nmi4J=S)VeO29BlH zl%!Q+) zyc*}*ug2N#-1ok6Z``<_mbkEMPrQ&Js?Ki3@y#uN+ck(F-sHLeMOv5J;IES9bi9x6 z+wbGsuH*Nop&_RePN>Kl+ucbs~^ky^P@@M7~M%(2v0^+eJpEZq{XrP zS(1o;cf1PV+phvlETVMMSCkq_CMG3OY7a{_Cf4b=N}PsO;&n^2$LgEDTM-$-&mQ8~`!8@_~ZEZOwdZ(Beo8#crj)U5{IHoBH zw}JGVpv$-CV*1%%yYDW`1EUXwNarVpqa*jTUl6z5r|x~7+BagE#(T!&EDY83OSc2- zr^tx;lECmA7{NF|DL7-}BD>#B1@!EmQr{NXp*QX35cQ^3 zhp2B0ck+9NJMoq?qmw6kCtDskc^yMDJ$q=TZ;NsAd&fBWMvRlM$2jSoR3U1GIRoO5 zP<|BY^4-mpjWEtgB3z`}6;N;5O)c`KR>Re|MMe3&qoRBxD$3WRqMU{o5f;M#dt9g_ zr#x|lqe9$5yh0geBQ%})v*mayMx)~iq*soqXukR6`5m{E-?XLbb!@+PY?g1tX8C$- zR?|=$Tgvaap8TfuRIlawca6<*jE;`=j+zPSw;9Skw@g~<=So6b7lDPE_RFP*7D`BB zaCLt6^0^qHj@NBH`*mBt{z(n-q4zTIjM4G6(W!~~zZ4Jt44(%PPBH`%m{Q;!0T{xB zpH1+zj?8vve+24b6+Ra3tlNHbXALn-ZpVWHR~!`7dFaJ#g^0@Zv?K-@g%mBfQIsKS zosD{h-|zWM2yf{cv*GEpVV*^wlVk_*2ksz|iu|Z@4oV3K);J19N_~qT*|)_``8{K& zcuRBRx%Hiqx)~E_d?tqf{Ps$1Dk0x0onqRmm^GQsiLUuEN(NT=7RBNy$?bTI;@Xc< zd|MQi-!qDewVWHndzPg3=An zGA{l3NKCp}H15P|(fF1CF28R8mp?KT*ttFoRev?J>~3Moc#2#W!lI!mf}04(2!so; zO`{CJl{KW>w?stweIufbV0>STh?2diC&Q*i_EsVd9dcGXnE94dE(1-PZPQ3z@le-2 z-HsPuUHipX-{J}N`+7o+bXxvMR~YTrckD^=+>Rc9*Y5GRCEe^h>y9&BZD7 zUPjA_m6m$N)#ZTUEKc9E9&*pQBc{a0&-C1w3J2S-Y%oMx!$3jXb+PvHO^W1j)JhO@OS#NPZ zGsOAK6z8txdd7R4qSY3rA%6#qzYVrRRKEXH8!{qL*{JWeeR)gApkCj=l{^sf_D0FcN~iOV^yUZOOmqju=TJ`S(^1#mS$xIWoGC}mF~$tk;oET zuD`e@x*_WwXF-aSdjI&$qVLT5>N~TtzB4oQotjA#2NkzTY)0IH8FH4J)crlpW z;xXnT9D`%K*d!^r^HNh+Oxi@Hfv}o z4kf*z8sNgY98Ur-9N6paLVM1F4fKoe&R>HKPE$FxlTMds=93f4v%cXriEzM{j^adt zj3MM#@eGa5HheaJ>B-Us3BU!x@ym+iiiN82(z zW(0Rk`ct9=W}a+FY_p6h1{n@fz&au3qf>au-1d;w%wprr`r0_NvW+t{Y@F&~@{Hq5 zkTOjO^03NFNY{Cu79n4kI6^$o8NrZW7SE+KAB=9CVB**2#z?pES@w#=uLs(XYi#pTZFX~MB`x4sbpK4F)7{ii_D3Vgv_x$?s%}F+d zbhsumTtW;J>v*?>9&=lkV@YLw&-;d0h^9`d>wejuajZEzWgjWZXc4-EMa1vCTjr6u zE%AsX(Aw+%6FxUPZJF?LhJbA%Z<51^yBA9FT=JO|o&yF3bPJ*rvH3=pR4-UTF#v%?d!iyB9JFdxGr(1L`Bk1;3 zxWfFJ4TuPL2r(t7_$pp?XX01>y(C-{fgr;h9KjSMkW!S!M}V$zmg9I2GqBj=h>PYF z@k<>Wh+~Rk$j}8OqhNvPdxT=4cM0&^Tg6l}DfDT&129-)bjwIw5g0KV#l!W_UjO%q z@lNnsJSfGOWp;4zkL?1bF`_6t1@Hd;waXuV9y;%M)n}UYI5_wSUZaF$n38k{J^~)B z_Yu5BDYFK^$AgbUt$Zx~kNt~7yvVP^@qX}OIyksygMl*u!FMRyfR}Pu#O=_7AJ1OD zx_I^C6kLCIaRtu5J9~W%F0R0^I z`QIGlmADUka4-ay{Ei+7)+o5)hQLq1Y;kZiWLt!S)fR^+D?~xT|3@TU9dBT~h0*c< z!&_Xj7Ju=a7rf1};||Zl5XY-wu@;UG!4jt#9UTn86+*nbKmCYrunoiE!4RAmq&>q~ zK+>?N9f}`DtJN`mn_XUi_v1B9S)(5k6axr;;sUCRD2vhi<6uolh7J#g!{NbM6oJ=x zwWb+UEm3-lLNEl^{E7rR0(u?CzNO7h6!492L)lE6KsWQ7AE71YRl1ph#cyI=1T#@*HEv406K zy3XsXOnz9B0S6z!^*_N!kkOQJ{Ey(>;LY{<;2rn~t`G(J)284WZ_vLUK z1s|oWmI3+oHx7ZnlDY#h-ql*W8Cau~-~VIAF8i470H$b@jlgpltm{qWY)!UN{?uB= zeML8DHxiPm$R!cL7%ar$$w*Pnj82VC#`PD7$^Va>i7I~-pEQ}KAp;p(OfX{Yha}EM ztSW!#kHZ(Plx>Pau#H2MiUq_8Dv*u>5(<8un)r2hX^9G@dgOFKF2Dc;4A@XY6GU;B zN)Vtd14|qswvuTJ0>34xaAV?lNse-{OTkZUb%rF6!j{Q45@aLIROeEQY||lU+){K& zt58xtlmmABL?igHepE*M>A;U5!WmycKMjUMxTWjC(I6%<8vIMGNNpe)Hoix2i~vkm ze0ydiwrDdPqT(&i;c%OwbQnSkhapb+U=`PGDTs*3XC}6y0ACtp1xR=uGfNkQ^DzV; z!GaJrneUb`$`GUcx%5kJK3M$;mqU< zgataj=d9pgiV4W)fe$=WI|_jE@naMUQ15XRv2`ZQbxNe$F`p*s-_yFOlr6R+!rM_YaBSBti}_m0#=^2wq?c(n4=u?07N-nHUT**~5Lw zS6AP$U1P^Q5?B5Och(px=ccdWdk#TCYYFKan4#&o2A=pZL@{d_nxIGE$2E${+DL~^twMFC>A1hTNMGHF-hOt(tf^A9-V+eM!G%86&cm?LnlEG2+G zB>b2Ua|>&M#72y1&a)7Bhr^%K48Ch%t|J_;Qj}#a_9BddtgQLUO}=VFBd@R5pka!< zjwMeO*d57xlHTBW^$e%wK|UVn!j-|4H34UCJU&A1Ns^!#h4QA7&d?~=tS*)yCRE(o z5~~6xiD;}e9J!x2WE;~2uGKE(hLgq#M0CRUtd`!J7}0D^NM%#@5PCVNLgLYsY}vx* zKg)-F^VBYwuKD)8BwtBMz=?Tz;AJc$}4gpcfjD3 zNzUN7ylcH_!Tv5 zVrB7@bD@za6P_)Bx0kO*_U?@GWB9V*E)ma&_;HPcHD6?EZLyZh#9c_aTQ*>AxTHTo z!^cNM(-p*GDb>#F2UuOy#KqI0Gmq+tu16#EcecWR6U3Ddd`q zNcFe^tBi_Pwu}lptf<%w0joX&Z()Q(wbHpwr5YUpH6tX|Vy-#T&#aVL(syQ!fqrY8|9(g!I!D-mDpw37*1L8SX95mE`?j z*&2G2>8UqIp+7!xpo7rZU(Voidg3loI0?tgz;h=PcM2CvHyFDJhG;tXPZr)ZJPGE3 z7tAInels;3JEN#h$Nb?Ir706*+<0R(l%1&zxMEjuAX`eZ07jxG`NaNBE#bd2Ru_f< zg6~L*|IOM)%!C4GvY~`in5m76M0W$(7m5L_-(u0t+xit_qUo?|G~g`|*CDH}q4CHY zIcf==c*qM+91l(A3vW7~jGg&(;>{s+PSAD*O zK50RfT1UzfXN2N}5JxTBZ6lDq_>?jxWx%ugrc7HSeZ+L!cIH2q~YMGY!^=o5p5f?2nrPi-9PWlE zMLg!5b%N<6AHh49;dr&>iHOM(geb$z%1lU@RU6;p43qdfoH0)O5^uPRUIOyDYh1v; z;unNOZLk*AK_u!MFbR)OdBcM#M+rO5J!A1^+8c;Uq-~VNQzcF8{G2J1>0nm!VrPH*|#JG&vM+^5!1bK zsEiS&`My>UkUf>s;gGx5N>mDO!3Ay6S%+;rWhHUegMO8aQf4~js{^$68107 z2F{C9Y97_V)@#{l83j5_vZc(ZR2JilHy3PMm!lvUIU=IA%p89DS4kdg35R*TI-&eV z(j})E#yVSJ$dP;=3ahk>{Aq5ojrj@Co2zf~*j`P(^D};0~lHBhf7aaTXDBvrW`_1c}9!7tMW=A-YZE>J8(pM&p%x^_hwY zp#%)hqise}`Ylc~Iskad{W-7l!w;*NO=>L5UD+(vW|NL+o9lD%%^|ovySn=E*(vzzufKxP zYx(p5kH`G&x4(k(q5>}{zWp{O8~GOiqmh~m{(D8dtB==7RMQXjl?M#T_Vsl>P?W|n zx`-)CmoPw8`|?eOWJDB}cakBcJT!+NFz`qUvG1`0GEz~TY;V7ZDLMr_6l$?cM6&an zlPq5ZijEYX)tR^46lEW9!FZG^S{$MVbF}H$Q%rq;tq@EAx!$ zmig1aOKo1h2Zv&sV)5%SqQNn%nSmkLz$9U0U0kx-DavG1_MP+CyYF2XhC_*dNC|gM zAsP%h1;h84uK7QQP|$sRnDFnBAD$!f`c1no-g^uV|D(^%=IIHHwj58jHzX3s)&rez691( zRz`c>2}Q-e-h>Ur@n033kxuG}ecEIF=0{ESmg#$b2*i|!1)Dz}`ybXJ*;2v;a^2ED z+fov-Z`!~J?yTZZ_|sY>rAHzvi2LUGL;h@)iWh}5y>$%%LiT-&KcMh?9EK5M+&!x? zjdQhtC_NpbyHN72c@k*^sO*0M@y5ndRqA&!R&nBhPK7jhMtECqG4fjmm5 zDMU+rqkmyCjB~;S21s#LHbEOmaloU@&bi8*ah*Az?PA<@X#6^8lAt&gki|_AjYcUzS{p==N+`ik}UG(!o~*3e;z5Jnx@@@OoQNga2i@S-^6ft1ye=3M(H z=U@CEW!AyB^YVjU9-m@rhgZvOr?a7XTV=(Itk;>v6iM`;dX<*TjDYv+j`BsavF zI9Kj~m0!(mjg{AKjaB|pBoS{=w)DCpo=pYN=SXrUCGSdQx?#mHNzJP?SbcFd3|iK0 z%bPd#Y(^=u3hE!2$yB<$Pm?X3CkS0=yJR}-o*Atm5|=-AHFD;ArrGhDb=>$2)SM(69QN7WP~e4=?2GQfs!;t>Ha$;^0C0iZprH*MHLku zl5XQ8{XU0}va{r0Y+7Z)|vt}~jAe08`y^=D&$;W{vw zOufa)a_YlH=!Z+_ji=uHB$!TTC&3ae=4dvV%!BE~n@*M!XFByyCd*(s-9wKuAXUU~ zHFM_cf`r{CKz7vcc4~|bJlYInf)AOFBH~CQR zv9Qb4>%>F_=m;t6y)5mR+Coy5!b(=+bAqK}VSwpw1R9;IfGivfcOy-#q^d12r~*?S zrd@)vkvvbxP7CD%$^XkAhNzI7F$r}~jLBJFk&vn3k$f;oix<21K(UyIu?R|p4^D=- zHE!}2k%u~%ek@qU+656V+)Uc^HzX*IdnJ&D*oloF+F%Hlq zn9i09C-9v4(m!$h>BMuN8#Z1p~K-A^i^SoL;$R3PbpG~f>+d#`phUXE)n>zFJV#(e8?_n%+w(tab zF;ERbz*-&^)~P&N$-lGim0U%d*sCFENzwpSJR3qV@NX)vjwb--&^g*4nQ;({du`kj zQYSsBvX?Cgt==Is!4NzKzIK9?sqo zJpw#+j|vs3>4AOtw+q{bd?TG&0g3-tWy0eAzIP>-_--WEAk$+Z$hM0icg$j*8$sLv zSH9b@*wT51P)swCp3_2MHO4Br4ODPdm6h}AmFTL|;$ie7`Oohzk3e!8909aR=*?IUL>)fZ^oZy3GgQW+*4Q&B73?%(5ypXn%?Yq4(zjXJRA( zFsRmxQet_D*?24QvHE;q`zXvxORg%$JOX8btrzURBN^pPRb)pXIM#9-=P{6s-eU%3 zNg{p=m*nT;B769dDTO4<1vDX}KChxGw$wf;G&*B4Q{*6SJ-7 zwu`I_9QU}tT8p86y9{_Nl7^?UZKO2YyJ`5kgwdAo<9Dh*@9GH((QPYkkPnNX=YA&6 zMv-k2LUel{lb~a;IJSPD`@^-AT9(U0uaY{hs7@sfrpQU?#1eBP8KRfk`%IR&AATCl zHBG+gD)k}r@?vt_nfdQY0cHcS7I+JPJan{bldx{v*+Fg0olWqhA}p$nU|lW8fl zq19UuWq2d$E0B(9d0B2YoAKbvLJiI%Dml!J?wpp`_TUlDd+ku{*TD_i4NeCt3&h}P zkciAHo86G-?LXe^hWXdu{$(iU60LySZ1WkU{0Yn^qepflT2yQ_pyfcevYrjRpV(l_ z)-dHh{rWSc{Gyn0;3y=N0NylDlU{nLD!UVZX1|?wd zJ=&0THz?K{1ay-uGw}5F+4sW*rBHG$A!PJ5(yma{HbM zKr~=4+vnz}wCbLALj!STPjU9{*TFJ-!4&Pm>129xr2abRsmDc-)ZldR1Ak`kdz@_` z4c3FB0e^i@Z^wUllc7}ptv|rU>lJt1%i+U{IH0IgtKu^6KuTd`OWDX(&END5s^aox zyXvWJ0kkP%MCMy5Uo#g2%i(I7h&a5Au2Pi!Qb{PQxZY(^qcO_4fb@WY&IQuOKs&9M z4Y76xuzulo8mjtGI}=NXXuG26ezbL{Y6753*|ps9)D3;On9iJK5RBcq=Ld6d>HAJF z_dVytTTZ7FA345@&@yy`!1Y|uhvCBYoTU>~6SP&R%A@R3O!&@jy61E*POns55adA= z#jRP&WHQe}ATy52a7`J$FRrxMmPLzWFbcC9E}g~B=OLfDVAp<+@GXi_mJOLji21*G z^6+gk6f~%FGyca&Rku<0Qhn$3>(*)+&Pbi^*O;=Ly?6z%duFwMQJulJnnBChNHNn<)<&&&Z$y{wibR|FUS)mfj z{jN_5w6Z!CvQ}#|D|Mg-%7d;;h4h|Rr9M*kwkFF!YdUf7>yf9lZ`MEaMEwogrw*v6 z?pe<3U(q~E7`o`4vf)02RU}o7(;JP8jKJ>9Mb1eWgrOTw182TiF6ZNU;LidyUXEvz z>0*wM{UeRqB`T|(%2{$%RGnyVcKK}y|B7tp$Hl~)JI{5G#iByJLGe}9AH zP-UlKutq`gZNI5rwr_Pbb?_vvJAiGXR(@+V>CdX(fR@nj0JebF<2FQ>spGlAEhN6? z-taJv%%@FgCN-sP6uPhaW;dafpE_aP6sD1@Zh(jfsDr2YP#im6X$z8 z_^sqQQ8-m7e+G_4M%2u5wOf#yn~F9Aw3@go7XXEsndcW%N6D38&XdDY0uqvJBf)QE z{X7YU6p~y93XCK0jm!-ve5{n;nAg&QGRcJEAl)VMf|Qi3Ms7H3$d z8-np}LBgFtu4Yj?)|U?lEO8`ds7khJ%ZvJ^m+tSHq%zMX%i!@F@vIYvjeWBv(YjUx6N|j*jW9Z9 zJmPToq&u=^JCa1$vK@()Xiarw?*gGD;KXapgBj-{F&l%b>WsjZxD2hU0Pk4ccSqv? zSL`3x=a=vJbiaG^?DE|R2uq*+AZ`8xzK;O}*XNg|tcNQ^i=E2T)Uy5a=JiYdmG5iq zP^qa?6s9Xg_pRI_=b~2MaIOePe~H!e0a&JFBlPDYr!oJ+-3adrfbaMvL-h=mbRy{M zOR*;zAXmt0&9h(}f4@sOU_J>vd6Lwx*bs%1;VA8_xW1nAKkmY?t%~w_X*~nfIQbqv zSjEwC$7H34s(R!I+p}vF{FWOhvnTt=g;4HX%Ilg?s&_J_nRanmikQ&3q%Np8Nrav< z=DLu~_3)^~YmYz<@2KFp8X0HGzH9VI)EI;1_PyU_$#=aSv`l1g4UJ@q)B81IbFL>( zl>iHEN?EowC@in1T~{JJ%dmy@IZ}`EW;_-mRGIf>j`kw}1rVGmriDW3#G`s*=seq{ zMqtN1*r=m(ur%Z$@Rgx_rc$dFW2prViC48r2-0mVQjSVUrKfKM1U}89RSE-iiBil% zCrBLXZ;?3f@)OS{L7(4t);5YIBW3K z#M_LVk>_}>Gk3>%eybToCtp7K^nk=W@d_LbxnK%VGIEy0i8n4zg1FyyNFCiFmaeJL^(K+ugxJ(I~$b&B) z%jZ?Z)6vJuMLODq_m9JI9A`Qn^Zz@JWB%V6PiJ4aV{hs^{>=5yGSRTt`xpVpd0{{U3|E{YNKLEl60DXI^D*ylh literal 0 HcmV?d00001 diff --git a/stable/authelia/11.0.19/charts/postgresql-8.0.30.tgz b/stable/authelia/11.0.19/charts/postgresql-8.0.30.tgz new file mode 100644 index 0000000000000000000000000000000000000000..e5e82a8f3d60ac0bf279c7898b979a52e05526c6 GIT binary patch literal 79251 zcmYg$byOX_^Ed8p1&X^n6o-quT-=JgyA{2-yA*eKEfjYt?(XjH{CK|S{o~zpX0w|) znaNI)*~#QX90`X7_TTkM3r24!1!OUnlIN21|>wwk7)LIoJ(pwm)JT=l95cG$Z6`@L$!>HuIMkM zmUGBIDIftUO_}b%ruH2zAu6555vF(+;bWaRT#O80%J!lkE(Uzi*Q8T{Gf2l0Hz<=c z`-383f{_lE@HTe8^~RcrWriWO=Buu?`;q!);MEb(OVgW64H=9kmOkFPGJ`5r*OP>W zMu;)TC@1ziS^^Y~5cG>t|23scE?QYLp+{`XgoHyC4uD1x$blP7X+ZJw9|VKN|463oqy=9Dr)g zf&_llU=%JWfp%011_sI^917EH6itiR;?;%}swkOXge)c8R0LU}Ts|m1UnsIMCgdo4 zJ!k}GtRW&&o~+cwIZ)Gf3OWe~&mS+^1kAMe8jMf^*h<^|;wjz14j}`Z7N?|>t*mQ= zrwXT+P{cjPNpVV5r<_9}*TX)8OofaLxYnrDXEco@iN>}^H+kk8$n;OmU9QyA(L^dR z3YVIZEA4|52uAl>6H5&}WfA!fhyEfa8tP=g>M@iy&Mm+bCj!To(fDA4#+KT^K!t3U z_}j8=M`vbsc7WlQp%}3YiJS<|P@*73Y1T(sb4Es{PAp0)=+h51@v}i_|G=*bkafc> z)YtRI42W~O70UPj^#K zjvAh)qm0U*5tD{MA_pSpr_h_q$cvDXC6<}WFn}l1qhZs@_1?F_7dXh1?9nGn6_JID zK=rW#Epv4-XyPN4p(FBHqI!LNKKbmqUksx^IpnMdM?S$Jjtt)Dl{B^8-gKBgFP}b9 z-_Up&;87XaXA%?UsaOpS*a;W%Q2-JR>fbG=FixU`Y4}-tg~fk6U@WTOREJVRi&!H0 zoEi{bvz1Y>0)i=r4aD+<=i%{nf0L+f<0s3Nr;M@`Nr0%kF?54vl4z=xWzfrHf_G)q z0_CEmRIS35O1X|`69E+i@+svn05Wu}Xce^NDA6K)01iHBaaU|#V-O76RAo#M3nq%C zL%~8^Uf;bcy%cDh7nI#kJ8Tdrg-~!M){xSFd@?K7|G@s@h;F6_VHb!L9tT4Wk69fM z1%o`YWoF1|LIMR@ZpJlJ`HhTrY&x1sQn-J-`L=Vt|f2 z)BVd-#wFqb%yh@UT{weUHv)e#+#0g@s7cR9!N_xj3YhtzEsvPg>e8Si%pz$wprB40 z1u?-a;x*w0&vGtOu(+BL<-!-X1m98fg0vLHjZ~dT_P)mnD|yLD)>0AZ=f&BDN+ps8 z5UGZXB`o)!VIDE>?8eSUllKn>JCvK~7kP%|c`4dzlo(nQITLPlH;h)aMZOz^Vr z1jFwCq)7GMb4y1sM2k&zX)VBx+F;=^#!^H6MtsjjS=jEqV7lbuoiq*uvV!g6w{hT1BfJn?(4JXvknvfHwkD6~e$2KQ${l$41z|T1UG|^cPL!siOph1HH|7-&7DtVWMv26S z2~Qxc0z_LTB2&!c&)|{(BX=dF5VSs~b~}4#MkGM!Os*LTL}TmrGMyj9$J~@fpQv{P ztM#Az)qQ$TpVgfzYc}Iz1MRz-)Z7<#qV7xV?T@l>FI8|)nrd;-~>^fV5c475mRCr44;8&eQT z6a1I^kLYeJ>}b*hDQmK-7A2!43s!2GQSG6I@234T_e9Lgqg?O%wuo1Tq+iOzVWY_& z!&cSB%dmD-YC&49*r3{07(fQfFYvw(Loj791Urf_7uyaWXlAw0$<}z|&^gkaya|n> z5>ccS>6Dj3M-thtZ4)fwya z{weh8m+~1(XLbs{F!<8K4~Ti|!uV4d^(h%6L-~3C`9|#SoSIDr@5=28D;Gn)pfY(6H;)^tdaEi+50K*`5gQ91c=8K-=-4iSZ(lnok?^Q zNHU;m#23kd!eezsNC`?b$|J@yCS6_d0K*_lbgaUWnZd^(A(SXfg!ci`4+mMZMo9IM zl1orF2oBxh=MfhUB_0vN@7Z%~hxZ%kLKb1FvhB_4BHe#E1rktp=PZzNI4pyNF>h!< z#L?oe+hWw9H`rGRPCy*sNID%C!V)jyhyj3}`ZO(P#-c`I{d!{jAmO3yzRB4U8sYE} zwgg1cBgs%Sa?{$7Qq4y9;_N^%h%brA9Y^)z^nFPpFe5`U!$3eqCJ#0$7`Y;^E)Fsh z0U3jjyHfSVia6qzaalOXE(>^x2Z@W%2G6W!R#OVnlHSgLlC#sjzO^_jiIvpa3Gjxy z{`R}a>%K;%-viQWU%YADY+ip7KVO4H5?FmOsyQi|q*y<(%$6>uFzrNN`pIJc-$;zW)mFA>}@3vAdjL8;1@Lwu1_h1KYd zT4K3}syux8@0qG{TJG{<1|3eJF_35i<85{=bRm1;HX5NZ6uQ@_u(t%mq(26-HnLsd z+wMCWt|JO-AjLm!JcB=-p3a7d!{Y=cnwn5z`sT>wwG0fFE(~BsjQTwdzr>wc1`*H( zCj`cc25Ddi5m*Le9OEFW0Dy&DJ1z3VS{PFua>pKg_}Ow`kbZ>>x?9aO?i_6^ypa)K zW86mWx8qu3ty(xpU0j%(dr{zgn`FNm+;BIyHWaefTsG+v$gPPFxfpQ^|(pumm6K&7N-IGjN|rKGwt$jb3^7i(~X!aHj$j6K3+u5Ogc zDGdbbrCG&qXNT>^$F)EXJLi#RJlE>$c`)Ev#s7GP#2tSy zKwAZ^8+o(9u7XSzv>>xx(SFkZ{nA^2+<#}#l14P%b7v3~4es}0cZ@0QEL@1}7TMTC zP>7sTKOT@=okkA%8*)d#R_6`zU`wCnEQx1}=%g?sw=h(O@QK0z?a|3;*BBNO>JBUPotD999#mn2PCcbJi`zb9x(4DLWN zh@mfJP^N6B39?Cd^Y4=-VR%o9dHT2)966&cSUM8Ss5V2*zo>n$D}RV<`j#VX*mk2t z`ZS?G^-+>AP?U;jNhrc#(`+r8c(AmhSrFjdD9H#v`S8Z>4PF6a6O2SdfZZjA325dT zu}UMBxZ9O!?P^$KuzWweIw6!BYG(w<1OA>MYHj2L$%iDTrQ`Do;K3S)Hn3R^9tN|Y zeBBw>Dbu2^yYZ6C)j+7r_KRz=#2}5y0AB7Da~@!0Ip1E1rH>k%F)*@I(CgqzQ|va#J$t zbU_?sV<%K0`!1Qir%EZ&55%6r_in(sEz()&CRkXK(`8~KrAD=r)mA+z6+i!{H=b(u zzop`a04W?v7qGDOeSbXlLbE{CQPY@x0{xp#67|1$h+o=r;^4U4o^lqbkfxqUNpvMF zV2z~^7SSCYEdPn7;jT2a4?WKj0Ivk3tGmv4YR;6i_*bzfLvL^03?_Ge-|r6Sa815i zYntL-a#dxEh0@x+K}qV=nJ|<;CQ@Y*(Y+O*&&))M)KSfI;!rrZ6-j4a?-d>l2w0;< z0%NpV)EMK(Fo_;}m42}c>chud#m~-mS;6mLc9VR5Cc>iWe(X+z6d7eiDcajok_ie< zdQUU~1G?!YkCOuyS_kry2nb|oO?5zR2GQ&6tOxNV)@w$hGALYyLFeS^n!WPAt&jil(Svk042%;Hjz&Aucwmi~$TbSVvc;r>6*ujthlJ93YL&=G$o$ zjI>2>Mu*Vb%?MMxWnh3n`5ki6O&THH8Bu{2h7A_ie<`(>@u6tTKpz46J7jyscU(wn z$OajfI0!PAw1_|!hsXw6Ztjf0f6E5n78o^qwz_YT6u}`COwvaK9ULNCXt_NyL@uyU zwmP@=3_WRKP+BV>`X8|D>I9%+S5<14iH5YQRRk4>2w_@HpZ&&7+^fLjm4bCBRC@p- z*kLLQV0^5jw-mTVih)@Ggw{G`f4J(z!-R*p9gJ@asb^#Mbjk%D;*Gg3c>bCpi9T)jr~KZX~Hmb?HnPJjEh8V zxdRYUq=TD4H<`WrrL%@)G>U!@C&M}ZfjGdqs$i^rO)2G!;5le!TC3oI%?I#gz9qrj zT(y~zaST3|VV*VF(tdf|JtQQ4P>7P!6q!ks~%x4 zTXpIHRl^(oP^i9rFxa~C7+yXb955hO?M+;fA~;jnC(#dCW7H4H1Z|JV`rxsBOVliK zqE=jwV2z_El%FL*IG~uW3k8RTPVBQm(#P-PXrLHl4Q0{K&JHda= z$Y0t{z9a7`r#-mC!h5m@IL`@=am?wXUuz3?QP^1cZA^N_Y7!UagHokFns$>Q#E^2Dwb43~rCLfut8>x~Ne3Cvm#(v?FbKFXLBQ#L zL+vVD$VC4WMBJ4qOK`=97q-chu3~@+gW^jqy3Eqb?RldDsQu4mXzVUGSLbEBSxCOdyr<7Y~9=9XAClxfRiH&?>2o-H?!>h?T%&+_ekJ zFaZxN8d{4pTl_c?62Te@pofJUdv>>9{Ii4s1`jgdBupo%veJ!Fg=`h~b)^X*&aJAK z@mw1^^s7{FSBDwab2Jrcsz9r7kR?^`$wRBCRSOf>{ig%S9|~KNjB8h5kz2MC3xo4_Kt6H^jC(?xW+rGsJFwsfE)}AMXMsk4Ip4 z`EZiC*VZ&w2!4t8`4TVqB|fLg2)Y#C0<_nLTOKHiq-IDTGP)e4fb30utS5a-64SeB3R5}{mTQm7^_bczcfgHX(&XgFw=aWidF*T;%L4^E>MnfC&n6EUs}4qv}}E8aR{%S806i-6|YgpN4{;7!eBch zP3XPDm$RPQMUyDr)n`R|FxS9V*-oJ=4iv>!F|3Fffd&^`vLJDkK(5-O zv>)fAL-wK>kz*mb!XgwC&IcjHF%iNaDs3td2^XqhLFm{QaOC-JGdjz23A=FpbQB|hCovaG0O3?16dBH43US;! zig&8xnXx1Hs@c>cLnree%UIep-cNxbyU4b)HNv zjEoeNP6m&Rf`@UulGxftL8s8mexU^s;Vl99(_X6cr=3Rfg2^hQeQde6n@cIeFnGR& zbektwN;uD&hKBu{D?R(7(~t6LHAlyJ+y{#$5UvR{{?|1GyJ`?OSGMy$q{Et-_N0vBbK}u>=pWO?frR zt}HSMO`SJAQ!fIXL>>>?G_b(VG;r2kmWM@n3HNF|I(G=NL4xL)a8sw+-E9?|K5P7$ zp7DEag|R=F;n__m%KmV(xr~YNxU+K&Rv#M`JpRG6I!xM-4xT|#qU8@t(=mc*Q?y4{ zfpwyNsTN7w+4CZ%Q9vI*<*H$>2_M2}ljQmr@i?6;uj+c!+HV`Q5diJJwd51X^9ssWuAiC^rfS!XHa*cLc^?o6=oQSLBUF z0kn5tP48$V5d^Fy4-tSB>-)p)5LtRPDcsIOU?=0+l+OvQ#) zj|GNz=YkawqNGxI@A$R`f$#^i#b2)sY>u%EEJ>6OtSK46Ur&`M82b%N@4uMQnhRz{PXpHOfq+DxDaTJU z;J?gJ-o#xT+6Y5muuI#31ZkS09LEHHlEMT&nkVbOa)QzQHyP?!Vd$*GQwFI|J>0O` z;s>W$KL#8l0G%5i-K$i^hWi%IR}$jOI>N|glhqYexdi3#rBzlC<9wHDv>`=COA(NY z<&=)XO=l6`bM3;v=MwC|lvcF{L~?7k6LfLojNPL+fGOKA&Lb=JU8BLtdkHM|dONN|dOomJn-3Mz@;{n?SyFh%y zqBhLkp+HFB7GD1%9tspCop8t{wNRQ-=8b{>iPW8U4gYGh17<2spqaw^4FX(s;m2qX zjgU0?*M5@VY?L6^ZiFD0fDM*L_Q1cVhjSw4CNZl1f58W&iyjI1KAM!U76d#J4ATTW zM)oO4Z2Jy8Dsz(_=fA=G*3Y1qs{S>2*h(pl5FloIi6RWy{jc3XG$+pyGy;v3C77$M zCD^_azOa@IBoa#XH5!j16P0`a02&&xD_i2fuh8ZfR(u1?))kFwpA>@8PizJAeTuE{ zuSC0euv8utX0Zl!BvN>IQC$eg0U2Njubp|_jU32=k)HsMLB{a8LwRXloVSaYL*|Z^ zW2CVP?kc+)(3t@m#IfdE0!>`ABxpHqNp9~Uz+$0*D{J*L(nUHbX+b$6z+SO9u?3Yw zLC%3^NeXk|I7SYV5pdwd*R#?n>RY&{Eo7(z14e=*K&M*1Ry>mh;D4M+ z@rApEGru`T-jWeyehXOkzux#P?FY6q;~Nse*AFs2(Cr)4z-4sYXk;0$tVzeot`InG zrKSd^RU}s1dgD5+ z=`D@|cp9CQQq)n5GxYQ`S8_{OL}D{YL_#UIm4Njt6jVrO)Tuafk0zQ_AyvM-*&;Qy zYv|T36}_OgqF#_w=~XTRHW3W@H%-c0DiO`WM72?ZI+=DE{!$$oewt7W)KTD$qrd2% zqi=1fUwh7BN|Y2p`zUXz&L}TUXg$g(a3RmOg}B^`?|LNjmynM%h@P<3{!C^s*G_sb zmjHu@MwTp;we2k>D|?~RCkw}eD?z>e`C31{APtu`?2!i#XgX1n6M~1`24J#%Jo;-KrNwR{{h!TFJf_Ag26@&~&+L69(If|hY z1fXshR+c%WL4$46OgIUi{4NUc)?dM}*kEaqo^puSOqW;&7R-}wrv${cy5*&>o*s6F zB@@La(Rqeu88wl5K3QhW%!vu#_Y#)(4ACAf+-G|}0vFj$`#LWzi-PM58_)jXe7Y@yYoV-kv{ugr zJJGo2F%&VurhI-UzY>~pG?*HMb+g`ubhi0r@Guy<3pe)1G-N0Vg^jS0*-1|dc^?fZ zswH9-b-e%h>(ez$r+*kUSX%+--QNt6J^G`z2e3>PNMKpPLbbR$CzAM>>mZ=8Lqb|Aj;!1sg!boXWQrl5T(XP6pPM8Vr|s0N3nwHJM&syUvQSY3j!tM zi@E4(*ocnNH|H@7a1A2yRbc;A9Fe0>zM~Mm6*bky?mYd&5 z6G?ijXGJRl*&t1woc_$_5B&x89mW#ROG}O@`YZA&NpNJB9vbHDBMAtWQ<`jYwQ5(>CsUC0k zPhr_)Z+h&Z7&Kku3o0iz?%Kj|lNb+v3tNXFgKF%U*)2BAaMuHWI03A07?9<>7Fy1p zYKf6Wx*f6*NsqJv3f4g#z*&?79nkHKI)?tlto|wqx1g$nC zRmTy^9$&82HOkc#jv4D%4P}k}S#IQqH3{m-mhd}_K~K1m=r$m44aJ$XanFtWp~vjs zV|S<6n&}tB6gRuGV}sM?w~`(4Tbh83HmVo%pEhIGM#*B*lO!(x6CoKGc1OC^Dm0W^ zpRLGd6-^}ExLbyU8^r$-X7y)}vS-Z(!Y3?WM+Yp_lo%k#!N;(xab?lMD2*%uO$KrH zStv6y7I_FXTJO7<=NZOAC6vM?q*!vfAaDqFym2q&bLIvXe$4E!va+4J-NJ%AD3UZD z+S&(MOlU*+Mj?sBkmLE*kSwdF4%Qz;dA}e6?5PNb zPGzHt9(PQMY_&UvX`Q2(Dy_O)E^+GCQlV1h#b)&o(YVPrwk*E(A`QBixjko|ZE4Kw zRxEgupgIA)2mL^cRRf@}$X9qXMmE~>A+?qyQF?5lE}}@C4e40l^2g{a&qo~uN&WC4 z1H90KPfOtt9*8W5U)*kkTI>JmZ@ZBX);P976!B%1_Cf+T(oDBHF=fW4Mj{4HU+9H( zLHpo!hqr0>RO9N}s@>Rvi}kTY5+pK5a%WZ5hb1VBG#@6!_HDevOQs<+L!HT7c2<(R zesdrBXq+J_`snx@xw5!GAYI!3GE}?e+y-%1K>^L_=4&ljSda1=NCx#|C{knp_N4@D zcKux{)}O09fNIAP8aK5TBIa`#;dmU(vL-~uoF+#O0`sFGvaGa}Dlh`m^C@k`ir3kZLo!N zxR;yhl#R;*bIYfc5~wP1>;;bG7Rm4AFa$iIG3=NrMM76#!yA_v`&&*fl`vt-dX#q* zmuqKO8J-%16wV+4$%ZCIzHSsxK!LH%5$9Lq2E@%Tj5kG*;0lXr86^AW`2X+*1rug*SlJrGvF&|;lo@tC+yvDhBiaM4&9 zT8z4#>r$nc>Ja)2w3miF~dY?#%JEZynI$aJ|)x>W0I7YhkVwu~26 zBVh9he^eMfp9?7PG@6#2Ey!5YZdpQNJo{%!4Sr`6IMh?PADT$3f8?s$IoDHc16h%0 z3?w3|J)=gVB%#E0z6F$`wU>Fab&phxXC-QAJv+;#{~M_YqVH*^U~5pj2BZ(#%wbqX z^^O2*Jj!CLIrRP+aoU!g8-A}Y=`uavJJ0%?{C6jgO%p+7cL5whWMV^=#`#cKb#OkC zvRNgMa8G7(WeHK>J34!K>Qu;ZD_U3~64e)EW7>!UzKD9)YgkSj%@8~!9&PZ!Bgp~L ztJ7(QQ-w{x$NyOd23LX2Jp{A&y4Ol;`Pu|_mSfCqzPF49(xkVl5Ol$sQU+4`e&!g*EQ$Rdhux#B!`w6l*89meAJf52jI)$$%$ThcO>n5y&?zr z2fm}Xd{K;nUq9E9zENVsM5cR-Kbd?8u_GrXf{HafdAO(){Y%poZxq>FntFyZ{;<4K zYxNx*tojusj5^I2AIGSm?#3uSrVU4g9Cz{bc4KI5tKfhuZI)@}dq9pov^pF9ooS9; zBMYG=JzT^1$BEI2)`p?dAzf|LE1vBCH2NbJ6dz>^`&mI%>Xsi8D=I;aF4hTT#R zn3m`wWuF_NL2C<>`y%ccIkZ&{O!(CCkfK#f2l}yErZI+1 z>e+2iu38c82M&gn+$JTm7l`2?YD22FSWFOXv7t7*-MIl$zROMEz78E;i&_8d;jkvg z>0T6;PQ~D5E{b}t0x~2zyH8JCY1&S58Qr@>wmn=Rz#dLS*pfR;$C4XP5+B7VBZPb# zp$w{)(;xX^t>UYiYQo{K2$|6bM|xsvM@-B8k^us)?%!3S zw|-eYm9hP$CI@v2ozA&?bxz&Kybv2Cp8`W^Lr)ZX|b&=S=PcQwAn;qFVgKyUmQXzAeQ>piUNk8fB^ zlHw%5X4aWt0ZFW5&FCjVzwG|6CgHJ8oeIIB{K=oUS@J6>SKcMf`B|5UyL!(;t4l=6#nS$Pb#eshtlCSm{F|g1`{lS1m?ShYMzvgg7`*IDtR(*p+AuKwsW3hwi^5+QsJ#!uI&qF{%hJ8<6*>?z z4H95wqG5bxqEeoze7y>UJEkl`FVMfV_#m#5$S*ub<8QK^g3f7MaBV(u5x_k%(B1$3 z1J)&3YbS7PFuvIF&F6PHmuQ>f^63$^YgdOROJ(j&Q3}Ao1SL=X=X`H$EdSuq#s)-D z!+Zrf)POi%lK)}{CdI&+8(J$DPbR$a$wY<#@Bk>FaPjZCEICfgXE{zo7IZV@!$oN&FS@#&ya*Lf3;vxS&V#`~A(pn2RW@v+gOtujS ztGj!gNDhs2vn$7D^I+Oit| zy<6;bvz|wZ4d#UOdZ&1T@(voXSpHYvi1fZIm6DIzC)1wi8ns-(|Bl3$T=F%5H>R!h zdPJ=^3n=z~Moc*U?Toy1s&b97ju&=a->MQ){bsXGfn3|tPX;u|vl#dXL0Kr{Bwx@% z)3+e8!I`WdbftVgR0en!n%72y%s|E9;jtJhOuK$K%sHOEunf4BTU|n*c{wvNL}=JJSStc@m9uZFlW|fM7^+kSpUF}brk}~9 zCJ5jRiTQ90$s-JlJ-}cj9N`4Nb~0TdvxHtbi15`(I_tI11Y#i?UBz@H{D$8n_|c6I zq5r`$dvO!-N(w}A4TX^vFr>Y7jnf@5u6Byh7lm=PsCF>e@kv2HGe|?cw&U<;XAdu> z&BlX{X$j1KcK0Ir(ySZEkfxLH{g+`zFXlX|x{yA_JhD_^u$d++-V+>~v87cBMIYxa z55P#1qi%>V{Q4z;q832z+UjCC$^>M>*5=c{Q(SmV>U%2ZHOE;Ep~9_mpG?+*Zqw`T zJiPpQmkmg+4;ZyIi)CqkXGi9tfkJ)~u3)7mXJ=1nYxcva0EPKpLTLEs<BxUeF6qhS(qk&2NlXs`l~9lq}7l%=Ar%n1%9M=9uajW3&t zI*ze25{f;Bu<40qMOCPffR>>K9yu^iu#`DWEn^kTMEU|Zn~A`A@`+=)cGUY?AuDI0DE4LZa5-9ftT1*Kl zA{5rn?3HDd<-l|K+-)8ai-K=0ZKWeCCNf2eHfydE$%Bh9A>-6?l`e{;I&PzwhHh8K z)5I#Q^QWcDB8K=a8Xgp0*e`;PB_HcR5OFD9i1v^@rAreiB2$4Q6K4gIR`F^Ic^1x0 z!V(^ck7v#D9#EnhlNX3;CF;%f@VfiMtq@EWFNIq;FQP04WD^%r<_^!8aX_XBG)iy` z<2=_YaR0c(z*u-uEJgPEg6Q7W2toe+7&8dh)i!&VG{AkneEH0I!Xw6;KISvjlZE|c z`s-|wBus*9^W0@l86ccHlWPtYn47wt2Vey;3lXM#j8*p8caD1|JMTZQf`e+8$7U+z zt1hs)XgL7!EXqj@PFsbsbtlU0sPp_kEaZ9~fdT_%`a)}C|5~4Dmu?qzj8BoXIIY!}MiQx4)!)iQV;x~XHS0~n z_1WW(OoSIA$>AMrT_2_)Yz^K=x{Nm32v3_$FFH3&2bRx$$)>e8Qy4XbmftVDWWo-g zB(A+R_SP$P3y!zOQklCDeqxm^x$Uo9ROz%_{Jnn5`V3l~xtNx3pja+zSFf_lPE2&( zUT9a0)oHPNe+p&UIjS@6zrC&S7WlA5xuM$AtlIKPz24ciEF3Me&yLJ>(7c5Owszk z8`MHSFE)!hU#x-->24>iE554=ICUvx@&5U?c;Cgw|M_p8b-IT+8_SlL>uPK$GE&I* zO)6%?&)LE765ZT1Lpv)Be|NrY;Hb=Fx;Nc2Uhjlc|Dn(S{x~Z?e?m92{q309mQ7BB z$yW7Shp$Jo^=Wta_P2-#)gg-I^FgCaYS;n@z~Qm1HPmPQMV%%I+=J>u%?pFAxx`S6 z@!{Sc$3L6dtNz)>wLo?K^_t77hjLy!^+G?3%}$>j7ysN^N`XcGkJhdkvQMTg?}@dW z`$c^}OG+HnIK1l1m6nr7_lP<6D~3ckwlHL_DdTTpI`E=wROUA$R+ldi!cB) z4$Fng!86P;?Zq1WJ-j4Pmt0B{$pO)=vH82%>Dk zSA@nD!KPvY1QT~+1VqYKhnJ%S?OF8Ny<`oueeJ|E@}{qUG8 z_sg6fyH{POz8@Qs$A{k%nmaaqf^~iWZRz29%5YX)Ke?lRa4(@LTv^Q7mEPRX(l;eK z{Jm)f36^`RWw=Adai^HX?S zS-e&=>X-?1H9FpnK%akux?6v9*45Qb%Iympn2Yf}ooRPD=dFFbAU*h@-|YFdtRMAj zaDF|%`o68Ltx0^>Y0AW&H?oeS3HY~4neVmId#Nw! zrDl)ucd5^>>+vwl8U@Rx-S>DVZ+9q`xa}|H{?)Y>ricLe> zU60ShSnKulikwvWD3qxCc-54V-A- z1wYJd;JowG67*xLd7;GkJCQ!C$vk#W!%jrOqv#K=@*z$h(yCRntB|RK(Cx&G*$MB; z^dzmvnX)(S!)o>0W6v4u=WUeiK&Iqm&i2M|+}p#OsHj;D<2Uj3--HvI^G|QL1KEMP zcM2EbUOLV0>&@4bYxA6nb{~ds@{rT#hc%t5AbvigR?H@|YfSkA``5dKM!<3EYBS2^ zQFs=OM-FkjmwdxBi2fjKCqw;V*Gl+otTIWNC-4~Bve5?lDcgw+>Z*h$#lbj~U)pXts<=Kb;ZPSnR+uhnzOne*7 z1Y)l3p<*E@Z&Po879#PYCjWIPf>KIq$z;Ru;H`6x?a9+iQkzd!=~OIdYR>TExu;WK z(egEI26J=QMYw(0mHhVP{XJ@i89YK)2){O|_=%lsP0ssaUy%S6gPoUn&!~WRHL7Q$ z)xfK6U$%p%dsm2x`X1^UAHUDL|2pyII9y@~^Lj1izERa-D%Zv_tNU}tgn*aLcb2Dx z#Xg}op7#Cm(zJ#{bsy5~CJ)}z)1d|grlG3th;mr(h2iSvO`VzRLA1#jLW*RG9$0?X zx*=jUs(c+@#`%9Iz6bLoOO1h%6`g);w#&I^QiOOsI}3sH8Qx7@f3Gsf2}&ykoRuCF zqBl=VHW{=Ye<|VoBH_E2tAf|t)fv~ruQgvkA0MjH|B=o1GFe2NGBK&?`gW9ERzYm6%4HumuQ*AZXf_|<8b^F6Ifs@A5R@RBt`_1-y~ zOe0emB{e!rr0z?9Jj9}#r@C)?t5fw(R-I{S7D#5~8lK}dqqK|KtvBvEBxd)Z z|E9<@pkN?!ve!Ba8!sV}*Ur%wxcybMs`7Bg@TdW3H@%Le-Sks9zri} zMPq%@HGJN8=VhCmnE3x~au~b!7Z-v*AF7M4_j#ugE%JR>@KO0Jc_vH^_02Mu9}a{) zbyNB=tk|x2>^e>i{fLb{dwx}0Yz=^f99C)XxQrV4^=Jd!4J=RgVZyFVe?FP7ut(Wo zvs-09n_Z)|{ps0BP@ln@d3)4zBGFccZTGPzuB9<^_ns$ii^(*hl4+eVZ}=Xj2e{5~ zf5X|}|5bEkx=N+le5sprzxYDIIaayp{!U}%z57sSS)P9Be)qZO>ZjUgi4TCiv~2&^ z<_zt;!gx-3@o}Q!6q2p<|e)G_iX`pEEl(SEtNt78iDNVrh0K4z|%&HpSz(u3kL zp2Ni`C6LO^D_3GWp(f5g-|=gYS7Aoq+GwUD(UxbpBeEOZP|I&5!fH3zN4g ztPUHY*E@FxiX94zTXB#20k>pR#FNjVTtfWTKoBBNd%NuF#|k;8q0&RY_*k<(?w{7x z=YOtjIf}p92JNrQ6`Z@u<2UJ6sfFB~UK8IlqLw;~%DC4GB<(UbkRujEy-YlimMaSm z1LopR;~h)rT|C|kEe2<>={p(U_Se$cXAl3zF=_HR*}gTewzF?`td~c|9!--UUv2ko z1ZKpp`Yx6WI{mo22MfrJy$n8==6vr>u_xkXaaS}dwn%qx$Xi@he`I*;SP4#lw7(Nt z*qPp6{7p;h?Gk$+HXwgA*EY6?K=i|XPdFQUrBv1RH-{xKNizG7@4FUM@^pc_l8uc` zkm8X^O#~1MJ~FH{;(m2X|0ija8nvExtjPTOK5@3Hg-$NIH`1C+WtaMSY&y}VngFmU zk|M`L%!l=J_FGxCrn6bnnUwJCC6@+b=i|^OvX2Bx#Glx5kg;)22i}Yx$&v4a-OjI8Z^5?@t@P3mgY6LHt}en~^IdKE?tZ1Wdq^H(Ep@$96WeO-ovZ1U<6Uf5$McSY zug<2DL3;eKHfz4m`^2$@oA3{Q9fh)>X;BQ~0(V}$=*y#LOq9=uid@;-(k0@z`g(=U zoFyB{pAB}*5AS!_g8RdS0b57cyR!n{I3ENz+g0qluARSgZVI_fSu*ai78oq8h&kUy z*!89U?7DGH>3;pF_)B%2)t*RyuqiLV+dc%MW!-(KHZ z!7SSGI-EzyUMm@T2p&pwm9doW3SWQ7UGLX^e&}PMJNLoThnQqR5xM%2(>?qqfMCpB;03F)2W70(KP zpIoM&rIAyJweDX7M|OzIi9414wa;uknQjPL6TvF*I!Stbp2YHIRljbbqO+3gWNE&& zUgzlyQlEd{oczwoW-T9k{>xH!4@!w^7JZ zjJ;wR7kQoiVw~~?znuHS?V+Kr3KF|T@{U!*O#pp`(^Z`uJrI+ z78x>uHPyTytGBJ^-%u^EbIXh+{q2X@0n_WKz#|diuDCRA$}~-21FvW%qz!&z?T$10)9!vUgF4I&Ogr z)aEIUJuCR~e%CTj3ndZ44(bn0V58LwBMsq$ueFb3{95Dz!cwlktj?N^y3YnKA!5F{ zc=_0@-Ls;a+Q#}+5ikCuU-Em-Y&4`5LS0R4`^Yiw_&A%9ckGn-3>y_B?`ZTi8M+kO zR3L0VdtlO<-lds*8KW=E36ok4RTGHccV&mMU;o%jLLi*T68fxn-c=4${Vim;(+@%n z=|p%GNIjUZ%wXm9lBlAUL_vURiRz$7hJoEyS#47RH4aPM}mh{jE*a_2iAKIVzhaZDnicOzHdmeJ2QRS&1};XxINny0jH zCt9Sp=ZU#>xD;3RbG)|yR=+X|zu;^?^3?m8f5dW(+lZfkwl$y8_Z%?l^g>T46+4JXYi|Lj!ux*CR6TgLmAXaLbm(d#aj7J+08T z?wp8gbH-ifskl8i*E)<;_b|+UVt|;F|FExDHfo(Qhw|9IF>-4ZOc2hsA zk~@wx&QSlo;GGLq38pj)>mN>a{0)cIKlS0AlY3h-e~CYcb#L~@ zOLOPX|KYa#7JV&p=_cyeAqidV0nNP8cHax_3{rg87JHk2`NyI>l`%#5{V&vfM$m-S zPieGp_dgww#C1Nhn~ESsuC-R5MMa&Vb-Ox-Mwzk1+T*h+y)m@yo}vLiDLE7)UK`O``Q!QIkkWBA2@XhsW_ zmUJ>Ol-_yHH!sWjPHSA&14v4_o|W|!cYDMc70nkE?g+kR^4j1!naawXYej3AzIC#| z#cmc~UUcax;oUq~t~mnNmzDw`kq?=Fp0&}`-_Br5|5%(uV)+1HzdLfBx-D7%K{v

sOZbt+oTefJCJ$7uR*qlEf1&yv0yZgw6)8G2T!CsT=9G@}bOT`>r{yEL~ zeLMP_qsUI7`P$@*h2KA`TC{4wleD94YM#H z=;`02v!_>`@P>8KhUTq!pBL4tmU?yE+Tc9$+Vgko=SZ*v z;V<*M9gS)#60JS?{9UiY1h`*Z+*pC&6*7Ip#Z|`P6?3b4zKuVXb5bM_jB8Qkz36!z zUvIyfXS=^S`{svdQ{tYdZ5wx|Ma8U?xq)N6pfi7q^PZSJD;yb+6M0V3{Yql>{gFUS8; z&MXhXjW6wj_qB~EswAj+zWeg{t?!>5YW(ZSm<4C+{_Z!iqM+~I;cZv1U%x`XE%Wp9 z5nn!y4SiwsZ=7{=e2r$8^YisH@S;n*GZhm$`u+AeDs|fv&8Zq24TJ0ZdR0vR{s_@n z56y|1`N-_Me~S3>i-jhyQG;TRy!mPB7_WuHuOUIx{6Fbay@GGX;8g{K`c{EY?NwB} zls9pB*qpQhV+U^4zZ=1rWUrtF$SvKs` zqhCTL4`Zh`jX0-n)F2WP)IZx03HDq(H+=Ej{azKHyi@K-STs4P(#YlUXD%RK?S11@sM4$$GHKCn z6E5&t9k=%Or?*d+golR@ynFZVxh4}vhxlL~QyR73BWltFpNM%sc)WgZtvvF2+ty)S zdYFouB_v~6Q>lHT3md#^L6e7wPHY!kxqkX z+Bn}~kCl<0`xdQ?sL)|>-h{g`OAYXEsuw*!3wtL{=rp0@lA-%YeeLN}Q|#~m{_cnS z3l!B4@Ar8#+dpV_|Fk;qK7FoNVWi>OjvvMa`^>+a`unq@W7&V**|gb1(7C2x?DFb@ z4vqDK`$y7h4VBz{qP*fA?CG02dicgw)8WDo`{oyQxuLI9>C^I*sudsnoV?X*)XsUr z!Fdyk@Y9uj_T8Cza(qapR~JdqM)kNYX;1qWJ*1x1M-qR#9QyE!vGeQwAL3S=EsE>e zGpKI8dUJfMwb{@qM|tkdy_Jxl=J>u1R~!%s%vpCXY<$tUT6WDjz5>D7f>mBewmlpL zH*L8!?(B{ZM_=rW9kT!EfSO|VCCwdqU?!3wcYevyKBe~ zh28^yHToD*Qfg#mWHhQbcG`=t{&_yD?X&~pUvG}8JLSlxovT)j*I(N)>np*dvu#H! zW5+j`0*eIu?!;`kxNMNXYaaG=<+vmtLBFbXGV+993mQ&%c;nkw?fQCUFI*&FGj!{s z12=Y!#$CbtTtDhPdi|b{!pc6OSe*1&mp7M>AYCSY z{-esxDE!Bw->P<$cjy#8-K*l6zr`n>r;Wss>u0KM>2dc-BcFwh);IT?q{I9U-=8_W z-MWAk9=X9!zNll6jDCtb9X+=d$uF z`|HD=wC(*SWxjj1Y-ifj+ulCXHNC_+o?EAc)R(@!e^@ZS`t7MrhHicun)9=KX)iJ4 zu`++-LH)y@=X>t`rps5lN*Fza2f=`^xp}5f|3=Kau6N z*zm5(+(%@eBZ1xgvKIO+zBMRjoB#gC$YH<9i6L{~svqhMCp+|9-YV;6?pxWbUsG?d z+v=fS`E6GHzv7;3))szPIsEHKNB4Z#q5ErHc56?;z75(@uyn=brzfN{+M4`p79^dV zJ4Sn@>Yw-S?a90`>|Iz5rX~YNe15Z|ad=C(@ZRi!!^hu#sXX1~O_$xmvrp95wjT0a zh^$$({H^CVf^&QQqdUJo>i3h^zQQW4G!Mh|tNhj!t=@LNajWVT{X+kF6I-XKf4$%P z<#!9n{k_rl`UUgvrKc{4pGBSBTJMVQuj$y1)VCWNRuzmqJh68C>bSL0)2C05n^af+ zW7uNzKcoNbzPUrz)CX6#Js%R*v+kaMKBjEX&p)1abY}LGc)^h!{enG%`Y9gXdsV4v zme=TsrmvHu z`(Au1HM`EG?g651+hXTTzc<i77SaW^XsvZ@eobNU8a1K6Z!h{I}Mm$=z zBI5Y==h%r%Y1X|z|BU^$-#XDx9Y(eqxF_!`L6w##m#rE;J9W*@z7BqcgWe|5Dw z>-RAA$CXPy)jqU#UDyK!lqHCr_GHtzca5b@maahu4ex*5e}?+i9i?!YkH@WF)}8ud zT7h5Ao>gn<&WV3T^_z=rTz{h8n~6u>%-Ags%U`{EQ{t(-aOM5A%a$!$-~Qu+C6%YN z4NU0MBgeAD#SU1%E%EcmH`Md%!uV;Pb=v>hy7SEXu=4TFL3wA>+g-_icVXM(@P_05 zZa;g$vMNt!)!U|hyY_tTI~6As%vf8YZ9!w7tlm3TO&_Bk5-hDUwD!zFyM~fmcBI{J zryEfb%1Vpba%e`Is_?G#`7_|c8$>sYWRI&(CUbsbt62Ri9G)Le#H9_ zO;G{_rl8alOa&X%OxhsM7ygQ z4BfIM?$iAOowW9-gsfW{55I)$NV3z+vFfpD9iO+EJO6H6n}{)EgMB_N8rLvkb+7et z)2B~IYXrCG+NFyyIyyQtceyI6=gjdZW(VwDvu@q9!a}K+x!qd{;PMA4!rtZo%Lwog`N9XU&Y#zNd{NRu?V^*itt9H^@|3u+vuZlIt zU%FN>BX#zjc`c%;3nPOs9v%Mm8o&BUbFoF)nr)4Y1)x1{li=3RCm-`19vs#^4zSw`J*W!<# zhpXDQz4q$E(8$=>uof*^B=_&%9}f2XY~h)2HWOzP#<#c=-sHVu#HaW{N2mHU+PZaX z)m(+4VYj)m@$Xu6i|+U?AbZ%Z<=ytbesFtsme)u@(Zy~J69#6y?a-)+_xb_5`^In8 z*2$F-(_{Mf?GoKaT=`Rf!8dR7JG~2dG3nVr!L47gfTGAndtdMG6_?qYY}Ufq&$B{7 zXm&lZcVfRb>((PhkJ~(G8#wsIpp1LJ%}LD2*j{Ji;TXX}{kHfMCr=)(Q>V_-g$qY6 zTei$++`$Ux&!7K$-OgucY6lEh(>F&x`2MMRs{}8;e6zpdlyL)1$C@mVqv-XIMM(?( zG+f?%tZv&On_q3(G-SpP@%hxr4SAiUBRvF0@tRe4J|0>>r_H5h$7gDb3YrYRKQH}2 zjwn7aVE60l^<>FY`$t6`Xxd}GcEPZ>Mfz;G>Jh4SeZ}C2{9f||x2~@z@a=JOfL_vc zW@wd*XpN!A`!xBuWyZK)HRGr5$XVEPz>UHocbDEC^;?xc7f%#N?R^1-6!H?HWd3pQrNUwta;$FcAdqoVHKk4u-)UNO{8xwtNNjF+<3#A&-T z-%a1T6&?O?+3Yi;MpbP7d!6%*GE?Tfy|=jg&6vhZdIinRTX5^hmA7cF`KPHv7w4V{ z_B5(Acb=U%6}p3Q~NI`4a5Js{&@Y~`4aWx zrOm4Ce7g0@n(!G-PgbrpI@&T3o=aK3`$FJfzai&ao^I%`^Iv_j^})G+8SBTRcl21F@1XV$3;mC@Fg85nZ~NezPbPIg7*T$ z)yI_tf#m)j4;D_>E{TsT2wWq(*l+LZXITdc@7h!6->s!uHDG+|soLu*r(p3!M~ z)befJGg$q zmdn`_=Vz?i_-S4JkTWx`cInh<+~<8?egDhES|VTZ>=R;?JX+6+SCuN>)~a|_ ztfJtBcvJ5K4^))@XJ?OWLO^V7zu*7w)BXLvmF&*Ec{B57-g`6euzuG{d8tXez4|%1 zuPvOcZMbCjCtBBW3cUa1$n#6y4)nTi>2Ur!8hSiu`|QcBH;8^SdD zdq+Wqn#5HcSsK`^~p60PQmF9qzu; z_fV&|n!fYSxjGNShAF!2_(J~_yAp8YMoeJGSGq(hhH3RvTlN2O=EcRE6p9U>yfr2B zaqfAS6Z3zZ(`00^HGFaF;AI1YR=Jk+vAjvw4+fS@5Bs6+CBpZ4xf>kxqtgcdh*H^eetI^UkeQD65Q0y{Y0zHmDy{qPd;NEdSLC@8U2PH z{%pthPp6Kl*!j);`QAI8o$^oXdKO>BL|sA9sFwGk3Ui#4OY4yd9$$PIG$iaBmo=uWqQb)2;~MX~L~AFn88+EknKSIPcqU%l??wuIILp0mKiz-`k;3P+RUq z79U@O%|E?i1a^3fwT$l6dTMCKWA=j&eB(A=Tl;aJAiXAGN&gw1YfOW@`v25r%lFcGKjVTC|wZ)%}|<-d2t` z2es^69-WZj-g_yNN|HCzmn~byY^%6?An)7n%C1dsQeUCTczkbhV9BVmf@8;yP2GMc zuf>^@CkI}bmwppXnloa;MKGIRr!NybT4~}|tY37vWt2RxX zZz&wmIg5F{$+wT{_1V%;srd1SA6`khadL6qg%J%DY~HN;PwE^sj%&Ph`ta=Rl#yG{ zba36Ze){z37OU0TBGYTYk+cr?GWNgTx?{?U(B#4uMe|2LCc0a#k19t$IFa&({UrDYj6Q#PmX(ydvrds5SmtG3+z=)&V`s{`}CYBlMN zH{MuNbOq_0JM#CSx8{UEhbS+dIa)Lx-rkMwT|M?e#nt7j z^WJ#ljR6A&obW7o=;_f+advj{s>AR1nss~Tg9i`v(FHdrMz}qlsUFf{=h$H*J|Y$# zD$TN-8{hO9*g2uW)8yg9Zx;HQ{#X*7)hE|<>a`OmPHgEuwRPWzH;cOs960+Xy|I6% z)*fTK{PJ-^!tVY1_ZyJLKY1Pawe$R2<4Da@^*BW=c-3=gQong0>|5*Q^7+n$OP4M! z-+Ts}+%-D7!O^2f6^brHhO~P7-FN5FLn_jxvZwn)GC#~lzIeQca6>~4Ch-lqe;N}tvF>!c&SAB1=+ zZm(Y-kQcmk;sU?Q{+lXXD-3m0(S6g}%}~TXdT@$5aIJ9VPG9|Rn#N(e2iH&3D;cmQ zZG?xy>z%MsBhHO)8j`(y`POM|FRfp<&JxqRckkB}9$`IZEjd99=sVz}kM`&9`_^OW zhYwFPMI-WetbLGP9y?KWe0ykmMP25Vp-X?=qJAf9$?N|9{=YQK(dMZ>T(534zRldT z>cJWJkG-$>Ws>){wBxA_cQxPBuv4_+ryo|`d~$f^JMX+>&JQkKv}5d~gPUCPT;|^n zoAt&k`-Xa?v~P0k=Vr+y`ToQOyA~ccgdH03*7(X;pa%%nS3Pn4QGoQT~ z)~VyMo}Q8In@_nL+dkqwtm{X_uQ}^HUaeeLcTgr^@=rYTTJyv^Gt)EpvfoD~|H=CT zyuaC`=(2LGa1P+gPk)uD?3RYfD*v$9ENfgt>gN=Rz~ZFUziP z54e*Cl&)Qt)b*Jb`nKZxAAWfA%BJ3p!&VjzO}}xa^{5WtWM=9&4PNy{<5%nN{OOf0 zLGfRX4jhxWriDa32sPeauGo__5bKKgoxHccwm z)lFm%ck4B6QDdzBt7AW@uh@HI`uGlUDW^mGD;7N(l6h$5r>m|l*tDs6Q0Yj$UVm`v zkdmF}wr8H*v?=7xse3+CC`=~P@%5^kmh7V!;&0#4ms}Y9#i#YRn>#cyB`0GI8Z?;R zr@8yMInzG-?81&QsvSEgGWsc zXE$%{QrAq=^wWJCl3hP8U)`>mYu!6(Ti(Qeo1K+KXqvq}G2-J9L$ej1U=I$QAKYbj z38;VlyXf(abr&d8X#YIC>i#;24=s2*Vs7ZYV64htxsT&QC6&9XfyVhsI zn`ggys{A@`#z8Flyem-s*bs_C`VzfCb zDr!=8cJ!UJIqHEwf8m=~{>!`pSKr%O#$NkzwX%53_?Qtxvr``JdSzn7>jO5@i#O^I zHa~IB?3X!x`ie-Gx%b!}dnQ#5|MXCB=^TYC-YCqab7ciHFd+eKj32P++^0YE(XaIw zy=YR~MuUF_4X%Ipj`iZn`M)oigLh|`oKP&UzRUQqw*LP2%RJ+jTrXd9?NNC7>i2^> zcI-HN#*B5J_8Fd#kPvli+Y@z;SI>Li`{~nTj`g3Hb@^DYtPxowb~LM(HR7j+rwx&> z2c*BVsN1bAX^Wm!+$jB^PP%^iIrFU0C)aZdk1Xz)kb7##{Q2`MFHZ?PlXkw}fjN11 zE@UrXb#>nC*_+-}L_|hTc$DAq)*tIljB8!*)yW0=E!*E8Rp8rZmwF7_yW;Ae%U2)% zRvvWsNWH}I{Y)#rT=yC_q4B40xTXQHc*M1pxmUBZeY$<@X0=+kkA8G%W+nF3pvpsG zE@Qh-X>M6|>IOOXY1={GTW)_^c;*cG<RcZHyhr=eX$*z2SFxr*_`S zKeyQ0>QKe-yB}}7e){1Nw?ylZLD`BPZ**g4dcAq-LZ8o+?N&COa-$&SO3dS|&nwRD zeX{s`h2Nw6p55QejR`ILvHOgIx@}&G`EB6k3U!#gHG^c6LTduTXsUv*n{Jr&cU^aQp3pKOI_QJktuhO{?1@Z5zMZs?P9s zb*cOwbjI<`gYqVNkRhdmzIkSC8fsa!XW8K3Eiq?WP)~2QJ1}*9#nPr%Km4R*OU0Mi zqsv#HgljJZeERW9w}Nid&lX#+Y-{+bmNHH%w-j_Z9R1|W3choLDyRd-7zTA;|O{8=L6{KG=0K z^X#GKCx5+_SXO>INgq1u$~JXy!}0G%O&^@stnyVwW*bwhKNim%`gnO4qx)U2c8mN^T-fk| z|GxYC=5+VIRk5nR>#mZep`CN_m?76%O+XU|o%nrT`kpu57#(_Ho~Qqlk}fS>f4ZX` zcsK3PywE`7$)B&3wg@Ee9X)o;`s=x$R$u#a&xK_Z7gV%u?6T$X$&-(FEu7kUHtX|F zhj9wmy1}>S{1($HdO&R4ptP1QX0UYR(2gxPDilnc&Dq4TLn}TEiYHPB=Z@aAamyMP z#o2u)4os-`>EV*NPY1n`Q?b3`dQ9MN!EbL=JbAjZWc0JMxA{>_ix?q_!qNm~&TL zEZw5MR1n*1yYc>m4D6K$^|rQZv}tdXFqh>&{vsB$Z!6OQ>5 z_<3x9cqZM0X_R@rc=N;Sq3I8Lxs9thUe|Y=>;Cayw+rj@)jc{TyJ-KRdxx%P&K*^D z_WboBr#{H4H%^xqJUVyN@E%b&&toGtR6f}`bNv#JjfwwxrEQafG0#qRzxHgCYVJ>&?9`OF))Ou6L1v}m!haCE_a*I!Lq1PkL z>mM5@Yu(2kzmPYj$S8YyiKl0Mi%DHo&hL?18*)gZPcjAYY%a)gnx}Fzxtbys=n{!4a&Mw({ zabMPJFQXWOqdL``!kJv~+%FzwrKgB8Ct2t57u zMzVO*>lu&lU1_B7^xk@}&(A;p_+y8_z=xAA9hiBm{POxU<##SjdT`^^!*4rhJidpF zTZD`|{#Hzv&DHJO zmsf1MwyL1@$UlB?-Lz`z=4X$uy`efVEpgPH-AjD)gRq0v(z&^#?wsH4jt}_Cd&nks zr=@5}(ekZZLnmq1GbP(HN*lBYSn;82-2-bYJQP2+4yN&x?%ns4cm3?O`wON&?o}}P z!Oh~$Td0z42TJqj4k|l1vNWl@^4O6#x3*o96_<5#=M{`h2ip#Ggmg;|-HKGKY z8oK1i?Ae#hLHX-V9pj4b_v-d>{)4nm?tS9oo=)v_ckjxvUC!R`(UyKUZ-cA9|NUge z*C8D{-YUPIb7*uc<@lQ`SFheauJNY>2Ms!uY%*o6$jMr%s;SA6#nK z`?afki{{OTg2_W#Pl@~t0MLRRLS34ZxMlRy$AOVwwS4p~^_AC{XZK^0(=RSLeJ*xU zKeix$%C0F_rmQ^oFgM6a&OzCca=YNP4$?$Y9i`VtSls?75AW`QL=A?r^4 zu&*b)8M5lfo%81&`~1o2;VnwT++5m>m>ATueQC>4o#&TcUA|iFTAAPNH5b=6>%Vqv zN{he;19S8T4~}cRbx8bDyK1 zJneh)KTQY69xp6>@bwa6q2lbYnAhvR8eULPkX3f~?&xnaGyA?ZX*c5Q>pSM)Z2uT* zr+LMpBkz^psCZOXN1?cM>5}=9PkRgwY}Pd1 zMbm3itJUH2VnOyRia#<{t!`z$y}KEc|7h>{H=5=@UE+$2Q-rxR4(k;)?Lo@5!W+45 zM%~_V`P|OW6L&QG;CjjS%AX&VmG;Xh3-s0h_C@iCJ*_D9fVDV_VHak!YSk)nVCIa; z+OMXz4E8C1_T*NZQAJnSyPk1NyjEprU;S?0y!>06uBp}Ie$wX6>eFG>mb)LNAIMbU zH&1VzxoPmKgEJFHKT5o{?a9s0ZZ50WJmLP&M8UJdX?+g$?uii#pd}Y^}ZGt6MFw*7PT!ncgYg{L}K=#18Yb9 z{#si3$=3rE@ro|v8|$9Ak9qRjx}5jVu6geRKUHDJX2(8%Z%Jt3zA| zrDYk1j~`Dv*Miz|r*v$cdZQyfSDu@b+o-u;`#;Ja4Q%Sw|MuDSrc=Z6=LDBb`*!;D zw)#W!=C+)=r{}lRraiM34M`n;bK8@fw=$^f$JcZ$S~X-4I{W=skAGMk)bgv4&v&lL zxi&Xxp7piVl$3_yE(xl^8-BlVC+(x{9T!H=?>yw~ci%1CrCW1uYUqPmbsBz~^QcSa z*u7(yzNsjzz^)YLULLi6am@F=4~*@z69@Kf(SK==MFGZ>6G2WJzx;-uj~TTs;p*gF zW$ky2>>kv*i;Jb>yxzTnOZVPL$t@}>TK(*1o9KdZ>yj%ocHh{1YgU&Tapq!DXLq`_(;i^036wk3dV;>DHSYOQ$vZu;TXb z-|0-J+KuZH9UWcx>-aZRivH%3jEAZ-Yp~BZuUe({ba!{pUAb~)kIYLs3l9I0*!l4v z3oG9V+ww5_z5Dm?|45Z=TXSrAzvQql>buqrnLe%k;?{ZnLloCeDW+u?Y#~Pe(5w^KkO`*C|D8#?OmfTz`+bHQ#@pcIb~E z-5dYG`wwmnUi-uO@|&G+KCXv#@9p>Oau#*6^L%Ql=~Qv&XXO`8hi}bExiK)xMcXCw zQbxzrn@0-@3aC~cQ?8FIotK_pe(~Fwld0E_uSvbMf5w5-8z=8SUOaQ?$f?=c>l!p@ z&@^-A%$`FgPN?(l)9AqBx7p3bS-LgHXLY=_#rJ+}$)Ihc9=SvpOx)hHbLE7@C-<%t zm}VYW=ilVZiyrOTU13V|P0wzYO-ihA8$5LA=po?JnLDLJESvX6KU}wOy5E3+TlXKF zKN#G7VXx@iIY`}a+8=(yr{dVM(WM6?D-!!J_(oG&hi*ERyn5^9#$i1Ii`j3}FYf*3!)4jok7u-v zDjd6U&GNC|Qvv>eZ{OChgX}rsz_+V8zIU zCCmK^u5MhI{V02L<=w-LLQcN!`umx@ue5XCSXy%9c-n>WJKc9%m#yAB=kAfOzDOx+ z(T3XabnJKY)4p1CA$k6+Qwv8WUi)@}sq|6t)q*iwN-Ip2&t6k}flXSzAk1YHa_sky z*G+AjIBJcq{PwvqhT+3UUc8Z8(z}gj*e@QT=?{#{moH~#PM==?u%9V=LHkLM?_bNk z{ooW;bopS`!xR866;NC5h4UHf&( zq&A~VcRcQLd;F3Id)>cL`ESkN{P1AWga`YJpFL^ue&lAn;>N=Jcu#9w-n>nPBRVdx zliMOQ^w(wkSDzViXYUyO<1MeAJ^TKD!d&Qi^K;fV!Yb;e-rdmntYumAO&6#2Z2gnh z@<*A2$nPvSH+Ed*I`tZk8h-h=@8)8AzB>3-gxgavAU|pH55qLar%j*!^M!foH#Dt7jPlygWWm*vD`S_a_XM5pEc_I#q#XzPTjh7%YX17W$XI&0c+Fl zoDXk4)O+i_Ci6O`uEO?y?b>i$Yp{CN zs+%2&Ba60IKFHnvbm*+T1u-AaeReW=wTj(b%oMFoto*cXt1X}RX_1*&nHkd7Tc%Sk%ac}0ug4z-y*_ek@}UmcB3pWdNos8`;!^P4Vx?XqTW_S;7r zZ0?(IW%kVh`woa*r*N@PwyE^v5l2z`n z=LPpJ+nhD}`deAS8~D|u%eJprxpM2mMT;&z zj`{HEy&u22_*GNy(Lc?O&@CA_wCMeW0Jib`o^O6OF-N8NeQ70q&q)o9^81cv9WIQq0*kIA#)e4TzSwh zI;T(OrT>Ias6XJrgHu$N$Fs!+K~v=azwnpJIxP~9QIKzN0+EX{}&>@nlB+~U$V8xGyz z7dP1#Sw^}L#7)SL%Nl^tJwzu%l7H+`trkE20XV_(Na;}{WB-lsrH-PE0443d;6RUB zjI3BmHYr9*hZ-{+W&)!~mZpqGKv$U!{ZR)R@Q*th_5#rlW?jNAVPt z#GDR(oPkP3x(eSB8+J$>U|E7pVxBk3wH`3}C&oafCNdVCM8}DQ-pNGCOW3z+-#-oq zhtG~gBt%+c%m5?wR#*d}^f0oakwRg(L>!onl+~>YAaSVLi^Jq8AE$V$8C0#~Y^3Dl zCB&t!`dJz@H-<%7ptl$qz*dEiAT%G35O*?c`~ygf$r%Ft&>1Zt1aafLYyzayCaR8N z#B<8qAU_BDs-WYZS3!m~3QQDPYseAR6_=9`4PXv$<~d~4+hWoInxh;XFx>DXW(t=o zS5G?;Lg_x$mV6$?5F}d@xoBUMMC6@kSQ=$PlJy^5LkWC9<~X74zhw;xfh75+{0@4VE<gQ>n-CMVRWudEt9|#`ABL zEKMjuI*}@)QGygvs9vy-HvlA-CQK-86}ya3B$8?%Fh2aV0iZ_Kz(>cWEhOWGPIIXdt)%4b`&$cZ^Krjv%0mf2vMztGZHA5qRoDCCHz?>0Y)u(#KSnFQb zVg#IwMs=U7>Yz0gwRNBCadmyiYE`ID)Ci)o;Q&E zQo>TU@a)WGr1JW)rzZaHD^uMy0X+}eE6U3Vy(ws-ou25T32#xuU1v%G)_`Dh<)Ck z%s(QH_oi@xA+?V&^Q^?PHuzSzUnc>U5jJh8CUQG8hn5rTSp?DZ-Be1PSo> z_w|3FNn}wv39v6Xjq$J&@_ataKUJkOf@C?J!`R-{(~i5^crN#=s~H|@z(hx!n1)m@ zy2ziuZ$|7nv2)=XK&|n`MQq4dd6iR;)~Z(m?0KY9Uie&|=bX36J7l03RzO`gI<@K) z|A<}dK{2dKR=#~WW#VTR;GQq-9Js1X?L>hWzVsp(wuXQ@n6Mz}QVu z6v=`ln!_521vEo2EFf7Vj-_bn{==TsYf(WQPT?gSOQ|g8^c3KwDOtGA$z(-@*&`^9 zwf&hYMGI0gWyI~)sii4?*JlAI_slB_KiK};0>C+=CQ*HUWKOzdw4P@I!e`cM=bNf-fRWmsUU z7Ue!daReR|*(&^3aED1Mr9te*U?`uct6J>4!mO534a8REzcco-jGWctEHCu8Ui#0EAlb&{cn;#2%=88J5Sz9s+l=hi?BB#};Akc=!nL)NkxpRj1@5X+BUd6S0-^ML zvNs0M98^-w-G$oNQ0?Tx+KQX)Mnl|;Js>V+`8{7_2~pvGB{aqKEoFIynCVp29#ySJ#bqAc%ZrZ}^)A#!xqgwHg6q z0DyHvgd~_ffYGE9axc2Wq{DF-N+Nv#V==Of5|)wd%^0yv1YiNi3g$)PC)xIbVYHf{ z+9=-25Ycj+{Y&olh{pgZ+FkA3rn*$AM0(0l@*9pa6ge`S|(-2LliktnO9S9-LKzm&_JpS-Fs>mH1e$`fD9xyOP@H^>agra&LZ}w+zyLpu zCeYtsnGCF{6pb?>N)=*jOsPWbG8-#ZLMCHnvPB1^u6o$gEPE)WoYFJ|223bnI0K@b}RI9qy|Q!1X?8ARZ8; z^Yii71!I0eI$uq#F)&+19 zsHYM%Na8A1KkhczwH$H@W-Xw}2RcQo)~J0nK3Yw%)=wO7A50hI3-I6oKg{13)%f7P zS{>?#Y65}A51>K5{-~cH=8p#Z1!JhcPk@g0mdfIvM8{DJ~Bf!v_#G=6>> zeXuX;2Q;W3rU~!~26|kp#dU$Wk2VPN)db?f!B{QYexcDN0m~RDiha@173)<$x)S7C zj;>h#`LL?rECT$4gMxkZ+5le^_~?Cng8c)10&z`HpxzH?{4jv|;94Jz#s>@X3kblq zm|h>?hx+?#19UoHjZTl&qV4KOx2rJ~wKBrEVieA&rKewXWNkI8A6u@BN&sKW;gwaX z6+}A{_EY=YNH`!U2oD6n#~=4c{d_=R5bmqf`vqct0eTJY>jN-tKv1yW-`_VlC?FWs z2L=TO`upfneJ}{n2jZB2?V5ifDn^ZFf&?!*(tNGzN4YBxwUz_SLwg<^yJ7W(QmZ(w z+5jBW`s;o104=Hoz8akt*9Yr^e1n0%Z-8$=kYAuKKocD36BMBH(FOWp0ltAcAAda_ z%s*zyVaM_-z^Ji8S$YKyNV`1si?tpBSOE9Tct{AX$P2und9&JvU(dwVVjR zX-(TD55i-|-vlsfcrb^E?h*`wp(LV%R~5KgDclz@AxL^g&CpPiq*#>qFMbY4Sy2dA zY4gXBP?kAv+P-p?1z%9>LmY(?R*q#Azjiy8?Wp`eD#ASewGo9mhvA~}R16phF{ z&y>>DmsGf#0g!b^v~jZ4@s@$~mfEr(gkA*0h9HB60Bb;$zwqz{os*$VK%fS91QCt@ zxVP|6IWB)4gBqrnpZ^yC%UAfTefpEl$~)rJ-;Uw;A?QfQd%jgiKo)Znjp9J=;O34* zQZ!<7WMsU!J`gzH6P~t27cHc{z)?KmC9R#ulv;u%dM?HRr@%ztrm7%p;CW!Yqap`J zbc13I1jBt3@#mHnZRfWI545H3+s4?TB@>#4SV%MlC5+tCgSBM8Ujz(ep_6z3@Gpm| zvZ-~bYes37kc3+0F<#JW&-1F?hu^N>j7=kKydgU?fEXW&FSpBq2UrsWhW3W{4swme5;8FDkojz$|zc2{8l2L(tw` z|t@OOzr{7Xa|mrU^C68JK9mVn3>}C~H703^)G3@6LF#}2b%0Zl zsD)xpC`(|d(P%}IP}TrVtp)oz(O<`1d=X30YzPt%5Fi`Snpvfp!j)zU@9KmdI$<16 z*@n_x)>v&?;H8e|b337CFMEzwd$gQ0GdrjZ%6}a_dLJ5-R163A=K#wwxl1z{|Tw2gLT__@NlY<5a7~ayt zQauS0moXYBHVdnhF92|R8Lt*FW$;V{Nti4q1T|3>lI0)^;)MspZEcJhO(mTG<$dl= z1Sxv;zXXti7l8>)dwD>EG_r1o$0j7Ogpn8tmr*RBF+j4Y9Up%g%|rteMO&+BiKj%t z<6JQHMlp0kxTr`@@3ru#qzkM~NJ*U5L3&%`TI>2}#B*k+702WiL z)ld%Oz(qmYqM`GNi5J9B645$9^FmBqn~a4oz#(Y`E3W4&wwws$h5ur%9(ZaBR z?n4=QNn7?ij39A>OsbZ&XdQ~xnxMGCf0c|l7}XIEg#Y3s!v|4fI0abPvU#*?F)TIG z4afSrR^`VsFt99U`z_~*c3|u|XbljmaQPR&M(mU$OyT{DBPSoFs_<$?wT}f(iSrKA z+((B>5kL=_y-22vMK>H^tmBT-8#PHw%>GkvX?56EK8}lU7;(*4?Vkva;EgVM;z4y( zinPBtZq&R6$itOMK(-JBB=1SYt4)&B4-X0vZdIsjx^}SDbh0w5BX+xbHPAILMH3^1 zYS3g=(BnjvTpB7)famQJ5Jo7Z;)z87CaWDH8+LAorD%i(CT%K%RQzv##lx!c@El8sAK|0{AjY~S0tzx!EP)aBL7bog z#u}{%%CabC5Ts9zoe0Vt^cU2l7@S)nT#ybRXevsB5Cr;z>a1pzVE}_92QeZ^F`Nbn z9Sx&I0F3P5iBof=4=^AcDncO~wNiJJ{>YLYEFK$Cz4+<0R&U=ck*Gpt(4 z|LR7j$d)e*Ndd?df~H6)u1mVB8WFwiZ2E;e5@#h@G)+924N1;)(w5j7|Jk9Xs%^nXt>(t0o2R5*#t*b>Ssa$g z8cH}HCm_xeAX6azq82L+mJIvqhDjxKrbM~78PKGqok-;Bdpmd3Y;R_=YYyN9DfF5rU?ofUt>m;;SbPkM|~`Z zHe5eC{sxM{3;?%q3bt4;oU6w3YmSXWCovUC;XsAa1U#$}HFo}JQ3$(ccMc>$h4ZMC zeoA1`)Z|o@##J~5iD~_jH~u=xBf@Gw{>| zNwN^U^nh|h%~(vfBSmh*7eO-IN)dmE3SmD3AjM-dn@_V$PPS4Os7v4^BQjJ9872rb zk=&-%k6;Zw_`1WCG9Zq}DmEVPCa>;>5PG||35Kr-WoNf)T5?v46VKI32~jv1^6KJ2 ztPouRiRc|C1!?h;Zni~Lh{P$D5jI)Ggjx|AFqAO`AS7d?sAP*7AsEKO%bIW+ddl~F z)?#M3eJM;jkVR4ff*NUn;#Mh~pBvvws1|YaLU0R!sy+vc1{8+zxY$~O{2q3Y=Z)Ob zmY4v~=J>4z0#(}WaBf;R;eM321rT{X15g?>0J-SFZxi0QY>%)%pmoZs;9?YI3$Evb z2GKx2WJr6_c~C_}Wv+Z&z`mCp($U*i)f+P#sHCTz%*^heSmn?PC+7B0RaCsZvm`A7-c;8?8#w z`-dB0u8`;fmk`}Gu4f3M(fEj4lP9tC)U4zvaYDRU0kzfgKLM<#q;F40`Jt2yl zWBcQBe#;4$RpZdWY04~2ABxMb7;Jg~JnMIGVU*N?SpFc@!DS5IbBWG|VlQoud*U0t z{ZGbXHX8v)3aAl&5D7~t7Y?HciVHFZI*djWj0t5i!;4`Jj}vWIBurK8ZO+X$cIDiY zSh@wT&RJImK<4QxRl^)+#BNS%o)sgZ2bdKzg6cXZ6_ByNcqnwrj-gWtqmiRF+CqA9 z>=h*uf+Sd}gcpJ$-0I-gFJS@*$|3~Gu&B`p&pgyh;g`)j=q0xXI9&zc1T+t@@VAiy zr9;I|trYHwonj!`k)Wg%wqz>=wO9@ZP7va@aoUOyEHE)@q#M_yU1{;a&VZ%>gy44b zRFab)x$TJ)U>sm@pZLDw;vE2Q)Jo%kuGu)l9?5EYBD*iaYTY4cm1^o&O<3AsImI=W zrgWf+g_lZIo2{HhnPj-3^Q5jaQ@BdPSN7gWqyUoBwz-8#z`qz4rCEzv#h>eWd)8!k zsuR^Zl?v%4fZ`7X9q@KMD7QgD5D|x}qA|Zf@;wc_*1klEi>oDE`9!6s9l2oFS)-6x!VuhOQv_{!2j0>K91)JFHG(NFL6%n zj2!4oCUpV!zl8oGgf1VnmrUl)K)(zkcO+&p=&ZXtf7EUQD9IoMix@aL88M-0@LHeJ zBmNzHHKAI64W|`ybs-sXSRxj)7=xZ*;i_Pquc+!5PJl+K$ zdcp|L9Bgmwl@SjHk%2`_fML)iAn60CG{LffREy2=a$-$lA`ReS9R_3{Rj8Tp784q% zq#z~UoCuks^>&vOB9+#Y)2{?9VmT6&HjF3|he7iY1C?6)j@T~r&6L@~Nz8b4w$H;j z?Qs}9lNuI@8jU&>OOB^{QAtb;*^QTu8V{<~f060$jziKyG>?Wj}JaT`co)a@+T! zP+TVj$@TQIi<#>s9!E#TdPxCxWsF?<>Sz!o^9rcOFQ8h_0HFi1G?l`2x*DTWo&lIp zD?H{A0;Q{~w@a$xtneq%`cp0o)ptn%RYPx#&Wursv>mm3^ER5& z0kI5(g8>|2M)X`!LcHm+@ospyWkVw>HpS12`)`1}2|~Q%a5C%sxpOV1TgDCG{QhZH zz)h8m71WBDL;=;t6rRf%?9xIw;SA5=4sa}zcN4#3rPz`&qBMu0Hgnmo5 zIuy-@IFyCq)y4b+YT36qiy6X@`4A1`^rK;3{J(MBAMxR_f&iEh5j#v?omZu}Pl8fq zMpH=y<+Vm9>&d>;1vvTK`oO_gT$K&$LQrUU5y|a7N9sn>1FM3 zrH7ee6L2=v+zivae#DIsE-XE6j-a6{KXr030IG*J+-+Dp(u18hy1eT2-POWUFgBuW?0C~f`KD-wStfK8YvBE9;P%8J0I@*rMqUs}EiBcGAd{<( zy=1gNiSC>zX|upE5jbv4MQI?P!AK$v;L+R{06$e38MvA#JztwIBkpP}jRHN9EdP=m z#PDVoW)uUW**}M{TpWvWfYwvB)sCO1l`*$g;co`Vnb1oBPW+LEkiZ8iCi zLVGr6KxroJj144QZ7Z?8Xb0hGhYp7$Wf3w$NtTa7>wv^n7BQ5u-f?V&Jxs-|eu7l# zP=>(l?WV=H|4)p%NlsRxalrqkS|>6uduAmrJ7{kgf{;lBnO03v*2t((44T4o3&`#N zb4BqbtC->ef-s=a5V1B}tGlQ-F>?Dd7?v-XS8rqhB@;w9I8mZUg1ZARHc$*}c?A?;a2fW0BZ> zlpWwzX-Q<0b_aJnr<0CVZKS|8;{b&>-mEobD3aF>vP@xe5a8l_#W|9T8VTbVHgDhy zEvC8ck*6$f2F!wi9cn*2{Cu!Rxrc;gBF&Sp9o48<$>&4vcqX@5Mxp7PbYEo8(=b4@ zgdW}uNSh1-ooK@W&D!1j*^|HIIN*$k9R*y6j49QKxCw$~px}{*lJaeZ>jU5o={PpW zW6!~X{-7L_O^6FaaKO86{3SVFhHX_@o^PRAQNDIP{kxEJXx%A>l5Ku1G!0qVKdWl+ zAUp(X{pxiMDUtz4UYKOQ`y72kLeQDUA=Ty`>>ON7?W@{Fc|o4%o@!s$nWO*#NX2*; z05Jfq!+tC|t{`%=esSZ{Q&b3|L+P3*?JrYVE$2|MpsU9C%!ZG2y(-wWSHacJUIAXR zGU^)57R)J_xW&|hD&)-(VqP34#PL!kO&G(#o?>GAh6{B6fAFF}>aT@L-NPR^@3 zNwV9bDi_Nk966eeAhvI~m+)tgSTBwuybxeAv(^ZL_7WJLmu<;;L1qPmo^S*QZ6stj zN#+!}TBWCGOp0A&hJlf|zQ~5YA7L~?(Ff{Hq*V&BMhnLPygJ9hapLaU51v%86wj=9 ziw~GEPSn`!FXP1lmb-)u^X|l4lJ#T~#QA zLIWgt5zH+X10|hLI76RrL=J;jo>X$$7VMEyQ9jTD4J^_$l}1QRR5#;ufvRzZ+591?^hLyRJai-G3hk;O1O0K?R>C>AKfSad4h zoC{`p6|DaRO#rv8Q1J{NT9VUZ)-T4Qlhz71cPhrBgGz&d7QdQk%8Vun9us!^U{~m$ z6HUpZHrmoW+S6*Z?I@EH1bHYOLl7_towR0bhy6Oi_)eHUeqM1vy9z*G=n$TV;cdfE z#bd~bjz%gD3x+>}N2RWXAbkLe_oE3G#Bc(ut^3eDQVQiF;wbil<1~P=U0GB+HViQm zgdoAe!QBbRvjht2E<8!{PLu|ISGSlc5*Y?#U|C4P&10CbRdEHK#3`{q^%MOZxus-A zY19N*K#N)!M~Zf#vb?yNpv-{m78WP^J#kVV_ivTjVZuCfoJJ5iaf^`dlo3}B9|1ug zze_OC6DZ716(l7lDH1e?g8`*E;fhTKfJ9KE+}}beBaRoL4T&INdpJRR)@+E%p@2IC zXp*!|o=JuqLyfLE87}8m-cySTaXmlE;&$ zxX=Zll9?n=nId40K)Je%bR{P6PWT;e27JTzJ0!fbiz7w?{$m(yy)Qpv!w@|{S#H*o zgg`XHczD5$6+^|iMvUzylNiZw8zu-25qcv`fo*9Bu?P`&M9VLb|1U@*1*MHt67wf% zBL$_sx$6H?$3ILR{9X-AW(p>F5yqy*ndVCW$!TUy=Ktvl{=YZB|J>@QE!9WvtHtW4 zE#&_oY5cF#MK@kt;kt*~bZ3(gR_U+JJO_@GjccBHu9OM~DbJaE5jVMdO<)GzdS5vE z;L220P1VvJjzBFqNRdf-;%z7t(ag5ww}RUVW}s3@K4hH1Bt&gw04vLqTSdinqW235 zM=iB}$v1?XmSH01!CToPeH*xaF9Ad?Is~Mj1aM}-M09dlHFNc{e=S*acAKVO88%KqUsKBd=Pir8Fq;DO3G}_pQ`xzXk?%Gy8@F{CC2Kh zhOWdLw%U-ESl0g5rF#0ZyAZ2tIx0K&v!TIX6$p{BglU5H`47E?ZrMVH{Y$^q)34Jh z7t8>jKi@*Ewc1TKU-y1JyQ$nB=t-!Nt4tw zf1NJ*0ARKp23n0;aBr@8^yLy9*D)#Onav%Xp-h1L+wEUEuVE{D&Yg}dZVEBB{ao=5h>*d4BT7zQhv+f zW_Qiu2EX%H6Hvo;cSmAq1m24wMuK5wnI1SD-D0lNitM#?&%_!)9RK$VwC~fM;D6a& z;$a4WnpMI(6|`LyM!h$;gYZ{O+<;>g$*?p^z!>;1B=GPN9SJf?1yXqH5^t1Yh$Iq5 zJ|Za`c)OD@-yrW#>Z#;@#o2k6%62FQLG{or#wx>!4_E!dvGi(#n%J5OC2vV=-} z>MYF%{j#p_e%CDlRslVqgm@+hA})Wp&LnQe;*WniiJ~ zQbUkV1j&LVKzD}ZAy(|k?dqNQSfu=yR0ALrNCssIMi1|s9KJ&%58JeL;&;`~4$-|> zI0!6d6kNBMmoR4#CY&D|TsQ_&BM#xBIbE)+kw6(B*>edJJ|J0|;NN-!7W3xKG`Z0- zo4K7cDps`bMk^5SWf{bq&wj;J6QfV9lmZ-t zC=qw0A3!XO1!nr80Y;fjfW*Z+PVxNG7Tiau$@>#fh!LPEg1-<98N!h~Mo<=pgNzv{ zLS_KRNgHZD&nIH6{wyCG~!_!V-J{65zYuNAYo=p2;!&FXiUNxvgdsA08NZJ>VRBY zyd`2-M#=qGG8KeH#So0V_b30iedItTB7Shla|P>*srB@fEzMq)`oaf$X(L|9TgLG` zKCV7*NWn>QDS$?eT>n)t2c;1Gk+)cp0{7w24o9$6s?ksq#c?TKdyOqi=9ztCdkf90 zktntnO(Q}UKkp4@!BbVYL-C8I=fqPrqRUn@hV~PWIM#ABi82~x;gTia zX+8j`7*dHhUKY=j%_PDQIKWU@4l>y}FVxZO4tNC>kn0tn`B2a2NtBEPA;yA|nPPV= zCuRBjA4b^Dju>&UBnD)P?bNVpRym}KIj}7!2@Wx@YPKzC&yd7*(jw;7I=*xyVU*l) zs$TLtz0>l^X_byxf#dn1itKI$;m; z4Cef{4EZ&09mpHk|L?I48Pc_38n)E*RYMoj7Lu$w61Gi?u%$2Wv`3lc7Ki{$NJ<9{zIj_|)NB@GZS(6w z^rPnX9W!c>vbz&Bw<}6SB|Exxyth7>MAr0#6|%kq1@@Lm3d@rvfB5 zg1BRCHJ_#fhDfk2G)`=UcJ5Gz71~S&R)j^90mIP|#tCs^d?8uud~1$4bQ3Msg#%<^ zMRISP_l6Im&P(+m%?z{E5aNlmna}AjZNdN^`i6gD=o&%uXQz8~76 zN7y_d965ygxh&Z})*9S#WYjKs3phlB62(+`Jf^C=Gh!6qeAZ7uW4xR5AfSaMWRMffO%Ag@DA9Bzb=F zB7jiK9=6a6BPBZaNkJb3DTk}z-9gP2aH_Hk9hW7-(Y)BgAOXu5DBhD&To^QE;b;K9 zCZ&8;Fs)N6!5W~@5li7OZE=V=)U-GxJpT?wLIVCWSBC`jPpuBA_TPNW;O?#zLV+{3 zOGZ8tI&`Ds#4^534h20ttR`78DiaROfaHWW0x%pXAu$WZup9>(VYC&nR!P)Sjo-Rd zm!pO%8=mMuD9K;A4x<6ixQRrM*{8LFVaHGs0Vrb?wtGleB*g;3ojRdUuQ(wmwTvfl za}W{6QLlwI%B~js0Gwc6yjwI^t#&I8WjV8d)5B{ssXdM651o~ zk09#4ya1SFq;#lJO{9f$L@TCH6bjNPnFNrw1c`$*FQhF25e*5IDidklsx)Jlg&W}@ zsZ=T@Y9<72GX!x<4r0_8NvJUr({tK#iq=h;Optg8B3!_Ag_+Aai7Y~j{i`$q7UfOQ zL?R;_vBwU7awAsD`LF%@=j4CX zSlcx(f1b1c{Q?669oE0r$KUVY_5V*iH7!Pd#_blMZ3#JBc(MX~-D*Fm1r93~Xe)&4 z6>r-^LSYPXv67U&gCOCRw;Wd^p;KE}!YCF}3!vN(wWlL^cn~PSc4$(~>$kOQfh%fj zr#((!EaJxNR&I`fJw2rXY)gety2PzVj!punIinl$A$W1AOmodnYvP07{%kz7H9khAV#~pHNO`wA+W1 zXfpE`g)ztB_lk}cx`O+jL z;g}*Bl2YQ6UVaI&lc zIyZUjUp#3{hIOQEMn_u@mMZ2}slNvZYo7uKedv6LSFXA8zJbl`vIxO+JI|x&9z$dg zhC8di1DrE{naGjbb@Ccc-Y*zt$wM4rK?8T}J-j0ZD_HEBR8owVT>Y7`oIa36g2Z}F zD1-!A-VD#m>hMO`k~EBuyl3_p2`Copk{E+>kM`wNq9N1*PRa5@Qvlzwy`b*|DPJR; z~{&vO5jgC%rBl77^bwjba5mPg?JSUXS&#zx!X%rwQql}6=hRv%| z7X>kS-ip*S3sSW^T4SkGI(dBd+|UPm`YI*UxexY?b1N+hjp`bJ>=sCYWit_KCyfCk zi6+1#&j1*U--`Ub>N9Cu&=rGhO@Z!+^D2S?F!6Mf?|?4&1VX%r!VHXX!yI0IPKnur zm=Dq^dekM@#wYM@iM4u?M^8gZ9X!=)9x>6AJlty~k1G2gC8GS@>g3?yyVc2etM68h zgaU1pf~SD?Wl-g+fvzRgmj6ANWCyqSUupwspa@jR|AYSFP?P@$SS8rX{~JhU@;{#J zE_ITiN&w~6QY>sD$`n~{H0=0;^kd{ykFo09h6TXi*Cq$FYpQ6O-3;ERQ`iOlgq$0KvNH? zy0B$_)51cvO;4Fx@c-I&f1WD%|8Ovw=={Go=xzD`CK9p#U&Aaxa0Q94-T^uD!jxBf zR05z>a@DA|Q((tfY+=3}N%gKgq(w@|3bFl#_h$)7+=`A*k!r|)^rG{D zs(9QBu-YH(y@H(`ULOrBdSbk=rQ_z6Yn|Nz1}@iQEmC zx!dM10_5QZ0Kt$MJn|Z5bC-^CS5%-HK4v99#w#H)NS!U>=a5D_@;DU$ zDy)tT$^}C|6AufCJ4yVC1&PV53;??)RkQaRSZ@ByJI=rvOm>nvq*u}jX=YiyJo0t! zH?K}2E77zMZ$)Uw(z#^N%O_HPDaoNN+{4^`fGuH%+pioENXh|D2Y-Hu@n?FO+X2o> z!i{0DUp8ufaWing3TdQDw;6YUP`8_yLz4M67kjGUSO!dkq?vjhoj4c(SWKG?uA{ZE zuYfVE4{{%>o7Xlpy9|vDH=7Rb@=

_n6|63Ca^owWgt~&}-n2=B{ z4J3G39L5`)9;QiGyvaqi6X1OOC@6EDdx0~%QV@gBpHE5(X6_7p{_IegSIZ!{iUQ=( zQ!QJaSQI0U*TsvH$|Xtm^F zI*e2bGYZTu>dD!(wsP24^i!I;C;-kCIm;9=@G#(m{C>R@7sPZW((0nb{vxrnO2* zt^^L~%xhDLrXWg6@SUM7SK#WFqoG3TmS!5WvMPl}N0y}=1vrVK?4X;b^8*?ggkH$z z@qpPkt&@0 zf15}`{^P+lJt-n4o#j+We>B`=GwH8j4(x1zj2o`+)$;E$o$eRC89#sS$izN(HMT0u z6%JpoV)xw=R$IB%A;H2bITw7+x!-=!gski)n%2wP#K4{ql zhiEM5Q(kyd$1HDE6>{(4CL~pcpepVfyjrgK8uR)n-;7e;7aEKwJIZrG?6Dw8hv7F` zG!OEon9)}a5Bk?#LH8ua^H`oD=J=)XPcSaahqhh;YX@?4YQm*-WO zebr)hjJ|3O)#TgQ<_m!5#_k;oP=+9*j;`r-6M~jM}$p9Tp2{ zUAAF)Jf7Y%%mO=}5NHQ?C_G5#p zBLC5+f7c}cjmCq5{y*Nze;Y|c{*!}9PtmNo&6fk{isezZfkkO4ZjjYvTNd%5f!@p8 z)WSnFv)D@UA!r94+(mE#K8a}ld2sxBmc_RLarwNZVIhutM?6~jEQvieljabK7qOSc zaGIh3(ykt4i}*m~=g%?OWD$X45Zxm#6?p-Ip@{#?qfT^D@7ayMW>4iSLltLxOpf=CSo<(>qQ7j_yqD;B(u`TgKrW$%m)$jZdMO+wXej zMe25&>-zdN&m5A{*Zgzi%bvQ4VlB5mMORi&b=6a2`A>e~vylSZhW!MJ9&= z%+iTy?>$Q3Z0RPII99YM!!fj32;piJH&$`T1q}l-`D^}CfYd*ZxqF+m)QtYKEpc#5 z*Xx?}|3Po8%YTQ%t^Buu^DkWwXj3@q0{9r17)nH>mK74mZ~K)5iyP;@wTx9n5LVYrcxqlK!tX{>R}& zfB$WSi*M=w22$bv=NgWG4J0x@{biY^!(WzFarUc}s&n+KRCrvlj|Pt4{L9VXZf<{l z_597t^9HBJc=W!_17o~|)^%3QM&ap?i7kf=xcz$+1UK(d=FQdCe!93m|LyeUOSv`Y z)ukg9xqkKL_4#dIDbYV1bo-NTuiHE551bvKzLQ7aE2V>JSri|rKOTE=G`+pJT8&i9 zXtN(b5{ZjFC^|5Wi)G5il$Zy^guz65Uxeqg_y5z?guLkHh!Vz=_=>*SVLt=P8zg@r zua6kYb+zZuG;~@I{=_i&6K(YSZARa|N~1)2<4Z!1lig(slaRjKS6VK1)AW6m_;h4o zxcVuH7SvaPN^sY3$|+l8n=B{u68=S(2+8q5cGbzP8Qpa5CeZJSf_x+?J~X#vu}ans zWtxPIq~L#nr5j$ej`B2y2p;OVy(|A*~l>gQl|D!h<6wd$q z!|nUu8%a+S|3lXrJ8c7U)F3yzGP!Bs*}ZG??0$Q7d3*Zi_0NUp_y}{ULwM^EUGY}Z zm(+%v?SEmQZe#(h-2aCK|KGuA8~F+?-#XUZ1{xb*)$o{vw+cF0Njm z{`m6z=JvKYbo8K;8pZ%=NG4T|%np#H0)S}v$ zp2Y4ls%du_ne8scPTrpX-?Nu*o}WLzJb(S$tLtBGZZEFhjta}E2wxlf-@nbO=GaZN zv8z2Q)r5~PM7urp%}DJf zpMCMVqw?&%qSf+|c&0x4?&LWoFeJjI+XDGYLgDOSHDGo@3&F9x%+3)YO+6+gFP1!U zP14$HvgX7=h=Ow*rw1!~yhjlh=Q?SZuGL>q=u0v4_v|Y#zmWNwT>22KU+$s;TY@X^ z3{q)@BeHjHRAtn!0+Du>c)1SkNFr1 z+cAADc+eWSw?Mcd4_EImKAMvkuS0$X{9GNIB3D=Q+wu0gQJl2K1XvoxU;&dE%%9Ar z+*{&DKJv1CqcLAT@8eeg{e4AFp!!xEfW2Jn+AkguYHY%aoEwHwMyPT<45jjBG^GML zr)`KY9dCg%#}$9h%MzFzqzciddv4u#zv)z;|MSO28(;sc;Q#&pXwuW~|4p{>pEi>k z^ZyI>R_v2-fAOT~ns`5h*O2qe&*46r@9S^teg#}#9+e``mvd`ydGK*fK@cs##VEmf3P_}gR3DLS=m>4y` zWP%JR6z9oMs74F=A}h4UA4$f;s>35s2-X~2^4g#nVixjZ#rBK_cz?geI^Q#|PC0|G z7NETat*;{UBC6g<#(7dUP)Ttz&}^JFgxEmW-F<@Er8k*-7uYDJd{ix-4(D~4wUmQe z`2PC@_aKd3y3HJhy#v&6C<>K3!&F=q-*r&Wq_Z#dq4OPH4K^VA1u0fA1@r;>zarlc z;CnZrSb#4~R`>ih}XL$r2Y%(Y@$;zOK3`I!K~rMxJBN zl7~1#VU{|I0Xol+p96jm?}!5x_r$5&j5On{8F>v9Jcc%7Z)s&<;paxOFO}fP<$O~A zs*JatwJMZVKCTGZw#tG+$ZkPVvmkvdG@oKs06JhErE&;v35clNC1vtWjH`Y8NQSOU z#!H$%1F4efbqk? z6~dIjNYT+0baQm9D3T$N%89`+6K%tciXX``$lXHN46F>pPiHJ|9se>-!aU33d|G2S zn=2vIC5I=HC(j<>H~fYAWfFor#TqeFD-1#~eTckRhYmDtNX^x-c$S}p@=rn!35)p1 z7)e#hZ$*DG;H0cvI_5F=dm>{_qRJZ=zP#22UC{Dz?bqZ4@#Dvwwq7N0iat0LIL#lGAWsZr|VY-nOxXS)J8R+l-4SR>%_`e%T#QyuEV&%=| z5M0WW&1}8Y)a$vSd>IfhQ!n-VueR{ARTLAzYqRqzYqO!XSE;)mn{N?hPG7#L<+nIa zMZ03LO#O3Tsxv8zN72U^Y!uGA_eVqxSoJNcRS}J^Rl)kU&Vjj_5=Z_G44{`q$w^U# zkaD$7T1(I}!z&nmj*w+iOt}o^bjwsT$=hQ!Z{jB zIO1T6l+AO}6Yvj**$A9}X~qr$WPQ<0`VDn7$aAf zSn*s`#r5b720J9V9r(e6u_9a2FD8|_q*6zDfXgVHsTB`-P6uKqG}}U1_J%7$cS<=O1FcAPD{2*V!PRe0@d=aKuRRp)W^97Um1&BnMOh z#X!LN0||C<=&R6^2cm$Zlvx*18D4X2TPz)!*wVz6A_w zW5-%ZQTX_z*>J79nr!tSv5rbdsL={4g|zOqQ&>x~;J^+wSuyhCq+D#6SjC2#jEnnT z$VOH(>rzT~h~QP=Uijmde{K2KmVeczK3o2^# z#DD1@>i2*8z25fz??zH%|KBTqt3RXf{+tCaT0D(6aJ=&J*FX%GTlv|GP96ZF+-Pet z+3K)>)m*FYS!Mg~#w)L}341*TUIqm-wmr#Mq?B|zj^+r-@hw_`c}{7Q`Z(mh5k7NK zqMQk9t(uGF&~lryaoOqjjLeo~-kdy6Q6kz-VCJF_n2fe|qpQ?KR-X;4Gl#*Vo6ZmT zozD(C>No-S5XL(OR=zp=aeafa!Ne_ow0}F_U`7rUS>+M-Y}fN(n*JL3JPuQbI*N$F z6#25-(lvDb-x8F;SD^uHPD6-mJ3Ma(GU1lVr5D{4@=5lq%5nrPhFC_R4F(q3U4i2EtdQT$M=;eN~`Fg|Yje?*~=!r51|3aoA+U)|i- z!!(Hk$U+>sF=F9Oty8qa!yU;R)HWgMl5z_gCy>W`Cmx!oo);~{j36T_i%>~cx}7Su zFDV7jiCHn5cUah>=@AL{_0I3wSY&h7gFM?7n6I#lz6CkAzWmqd$p#sBGz^!Fe8 zuDEsStZ4$v5){s!Zv*^nQ{&Wx|I?dMYmfia8x-IFpNzKlpN*u({GZ3n zcp?FS053iDldl9m=EP6GTG;5cZ|9?Q0r3kS`6(!vIJy)Z#s*10#7tKn@h+DFEoAt& zbgCgu5R2rZgpCoN>gx&@L;s*Wvqb11u&h!?J`|f5JDSE8)Wm|1;&Q^CGUDAhiL%Ix z0(Elsf%Eh0*H<^lP6SI$1z zqffQ-Ox`e!Ei4Ka&*?m#Mazqy$|;>z=;KHEHB|Y&i9qfALk5%34XCk2LWS%rR*HOv zQb{#vgp>j5wRUmkRFpIR&2 zsuEhG`&A_aW9tT=v)73`ogy!PDJh?4CCfPBhRS7arqs3XbUH;L%2);Mqk7(Ms!$G; z#-TNWrdhU`FvF=c4Fw{l57Wg}s*dc%m8=ie*IMNpZp*s>rSr=uyN0g+aO(S*_VZlHE84y2&kLbtzx&h{2KS$MEr@xE@SXIG_rySYS5J<8_)w&HR?e(|0ur} zAive6v?hcJHIsNmW5TNzA|i%EJfba`H`d(OXIE1ED*pWhygs|yF?mGiCGyT2kkzB9 z7$GQa>b3d0E_$R3g{8QeTWhI$58ue^1 zS?l|@Y|L2q8TGSX08Yzq|E7kkza_RM>t4}r&a}JkTd@;!k<}_>Sapi?(5Er5>S`4Y z&L0Z{lrHa5$j{1LL6Dj4xC5AgT;v^Mk*i+mwP{Wn)d9dpd2*6+)XU43?Id%wqpi*H z3#P{QKbM}YHZcQMod5MF1Ks{N9Blo+Hj^6J|J0NFC-DSRSJ~I$6P7l8{!4X2Sl3x% z0p{0orf7Q;EPc$AV7gh4yNg)(@R}a~GKxBK`!(+eG_($VIlfne{s-ue0PH{$zvdm> zN_}m>0IKN!U{s+0!|naA%_Q=`{u!mx^3tX@S>Sp}Bt7;}_VBlCHq{Sa7!9NM42oMw z5m)v1mj#^(IT6;b&eM&GbMUU)U4dP?rG)%RNCdr)z{;9rQj7D}4jG|S31vJ|K>*%I z$$b#HK6$FT;RtnkWpeeykq?E$BNQKmjuK`tnYtcKsl{oT5Fo^H4P$$Mly+DBt{0-N z7kbk!iVpZA!ldW_j!+1kAAr*WcI!cDIUddzybAk=OwH)O5;?mz1E`|^!{MP$|4038 z{Kt(Xx{-q*dJleC-a#gQfh+=d5JXg3^I_O6+sMXv>i0P`nICYILHA6qBsJaTC~#sW z0n(1Gb$WCSvt`1 z7BLCx|JQ!Ef9x1fBCE%>tKR2jNZi59Ra!NL7@$LTHizE57?L!j?L9Oel>8Zyj($ws zDggg}`A{+;J6W3EL)mhV2B{hSXU5ouE?`ykf7I9G{|*L&t^fB%k}Ur-$Ct*UKi8)5 zhU3@Y$$}~O=O9IxmBw7oYWtVO32@B$X0v!3ihluU}`Lna*#4K#UH(MUwSugJ~gBNbgD0 zKK~HAp-%*7LLj0kHQwV%FWbcO-jfXCl#*S_=3e@^mm(W-JNR2I2!&!>Hh_8t_Jk{g zAzLG-ve9|p8iOm>N(jX#q(QVI0>#VC7@FP(pRh<8dSEgnf1<_BaymsHfYT}3H3%Ku zIU^?~z!exwmqG9V-Ywk#O%bN3aZKiJhw6bbDJJGJg$C40`Fn5VVMrCm zZdia+5>`*_L|U!hegtekN(&tmMkW;EMNSqw+c~rpkz}f=B$IYEi-FWviS)3)bEz|d zao~CoIRE1S=hkUXXn4nT60e=;W)bdSb!SYMu$A>}J_+s817c+kt8aWur?UGtz@d63 zTUf)wKV7_HS`(1fav~X<;v|Y;5h1UwjbelGq>gs=DrySfeVE}KMdWvAh{m*`{5dUk` z+uHv&lkmnr_#V8TL$GjB2*l(TUigyu*!Ks5Xc*21a-xbMo^gPb&~!kxF{j|cg%&)_ zqM;7S%q>Z3rK@ESNH+<@0XWX<#v&7#{S|NvF82>$Ka?1t_bBu)Qq0K`6waL7IH$aV zYH>*i)@Y9nf^mM7qn5uFj=_n0n#@?Za`x4wAE?h#G7~owlpd2ps_g%$KGyYxs_LSG zWZu885K}wa8NZ&Cu{%tq*BFI-n)y7sEcvrRP3SEXdQT~XA2NR7N%`2?W6jWBfTqxU z@c4tG;^#Ws$Y8QSAq_{hfN6@ixSP${xaOI^=6NTD$#33-L?jH2a#05QRz6v=@$kzHJcjhgbjEC>1K=KT70{ZQ8r@z>LvUmC(Bbt-}0-kiT) zH{h!mbq9bvR-o*!?ldLw)XLz$xPJBKs`j+CY~xA5o0yMAV7du({a0b|a2-Y2Pbh%t zLz=;b!kG$Hmf>l78HKn?eoKsZ`(|2|X*G)c3(b4l} zJvV?auHF=zxO{u@{NnWX?ZwT-k1x+}pP#?II6J@5+F3=&&zn-7?@*vTzrJ{Tetmm( zdUg8a#mkG=7X?Ue5EyV4a9;nt-qgMRdvS`2yfa*_*XMF~rRGR{7=@XmUINnXeF=QG zL<#hP1H%dBRx@L&nTw((IQxYvC(BhjRw1nISE~2s6BYhrJakLt8 zB|OukPx=UxU1%8QeI1%Xq*G6;4WmpCyvdKq1Gzc0aFp0awZ020ilb$q&9-2Oo1`jBRX_NrdzI4h4 zh5QY})lcjRwSqy|OJH`MQ=txvD98ek($qpnw9JV#4?l_b+ZaxuE1Ir{4H54|0XA`l zSodr*1FQ>A(d<_@R+^B%+FFszls8nNhA6ktO}==!x=xDHOEFo37A1FMj81(yAo>u% zuhBA;;j#TKXNvpvc|*48tUx`9?w}cW5u5ek`yBv&g~<%2#GvsyS;EWH8*p=W`tlsi zUJvbFzi zB2oMA&g(e@apY5TF3M08me_y0J9Q1fapYSsg9-aA4HipCl>RM`zfxv7Dn{Qfo==xc z6ULz877ePXA=4I(cD1I6o7ziIL?8!lnsTSb!pEjouGE`De;L3;L~55mG=(;g((ID@ z>*EsA&-&&{T#3uJ{O=lgNV26Lrn#j~{7?-4N)c6Bv-CxR!y>Q!gpxG-4Q2D6X-Q2O zvs5s~B$3>H{E%J2>qarXQdi6&iL)6^Iy$&wYi!jaHAW%$t8BDV-5*cz9`pmG}5Zcwvj{WhN^!YYvmS0PoZ3ryOI=v7Az=+5qbvPIK~AHc~ToDtz9~p;g+5P zjCxGVx<1~-v&8jbaeXXBhMdK|+SW%gyXE>Q0(#8)C_?*U>!XNDzCH|SHeMeE7`4|& zzL{k51k~-XWVPP=3Y5ofdE09BLeHDoKA4~T`is7?sJPgD>$ zuq+Z|0sB&60nn5=?yi3lOHUulFwf`GnB9CvO<)>m9<{7{x?zuf%@6zYrfQ4-rvY+V zbW!Q&8g;2K^5KmXx={YT#%5e88ZG~Ojo`B=j)G|Ra1$rc_0OU(%@P-dRE4%?t`&g* zCV2oC>1W$Uw&un!lv>&UlC04sz^eP-hvP#0k3oNX|8FCS9E)6$P@ux#$FH|22ETgd zK5~F0UCyFGMmcNlSPth*PjO&zkq07GFAJH&nzDGNB^;ZSRG4+4Fop39ES70@%6KyU zMr(JP9uL#IBJcyQeUQM=hY1;5?$bbli_zsFSW{tMWt}Cx*cBmL^#M{HYl*>(of+!t znH&>(ui!A5XG#ZB>g|eG%YhcKI_pmN~Dm~U9cxgfbY^Dq%1%$ zWYBA6#^zz}fXieV5k}b@;981{&BsX%7X49;Yi$c@ZH;Da31qE@m{w0{l@Qish6EIw zY133$0l1 zS8g_^z6Ro0UL&oHkC0v|Ex;s2X$C_Ns#oxc^A0I4=r8-3LSnlFdd|n| z*VF5Z)8{|l{`~6Zb-_(e2oKaJ=ok2)c=T|e9@d1HKtGi-@8QDo-?uR@X9v(Y2hH?>wv#4YNzPfzz>ah!uHqm4OvR0p;zCQi&^yXaa zn@kKC`sDx5-ORmniPTc3>t2Ao`+2lXp{@64FE7r1`T5nGoAcYNi^~^n2Ow|AJO(J7 z)j&6mg2aZXbMxxuHJK!*Es_{~gDD~np1ry*xRXnhLomkwoJ9$tpH30P`Q_=4FVAmJ z-@N|${POk1+3D+xSC=(Fo|Az%U1oC_X2>H9-rU0J^ItD6Z{OUUUtga7TC$V`Xv{8{ zHPs64v76mG+Bl=Xg3DkN^3JK_(^c+;k59`q%$HfA!OUv+vNG zN5DBAUudKs1n;#`vGcDs&htfnVzlEEC8TE!vr8~q6d`IaIN!H}B| z(q(+93cKTvQc~Oj`_kb^eH@8+xQavO-3q1{g&c1*1>rOueejdp8O)}x7l8lzufnHK zV3xobbl$Ci^OK7L8m?vrGjRFS&1wWr&t5uz!9r*#W{qMfvQyy040;*#e*p9u0^G)J z${NTbB1f6W7N})AE;v0o8BdN*u7CT#;9wPp2YiG}D$Gi2V3kfsJpxATv*ZDz@6Dt4 z;ej__M81M5`3^eQ05>+iI|GYOAnWC}-3vPb+0qoA>1u;TsB52#C^6?`9 z*`?Y9y~Fp7ua|4S0&w4`#`5_ySqe<$*E)QG*f06~Fpwj>qW$`5MKQyRXzNjRY z8oQY{zX+oYO&|27ghDTYE}0X=N>GPtshfKseMr450G;<>ns!;a?!x_WyG&tn`yRuG z>9g@*G&ni}pFT0zFiD~WPi-cFclPlbs{+ZR38v4+{Xr$fy5k_sFvZuGsAY17_Z{AV z+AAAsj3g%qBwZO=h8YUPtj4ojlqS&iA3*1gtp7n6+ajPl^Ue>zxl`=_(-fKOD&1)UDTZTF)rH-8454lxQ2 z4txDWDU*x0xWKz5g4tgTUHVIlKADwDy-$mW^j+Zk3lxIR602aKGk11B$~xy~2XtcT zo1zhZc8KT-{wW~-*MF@8Xqvg%GF{VH7*$08{_zjc34yb#s%{SW*S~NlsKuNrS7$FT zh;;g_P?%%GO252#d;VMxK_-uDi5(5Fq&;mxw40KX3 z1OsV&X(g--dI8eD1H3;tjzkkE7Krm6zq&RQ5Sj>0`{Hjj1^)ofE=Sk_&z=G2>eb~7 z2mA{Yp|(ikP6FW0fiA9(CK6eg6Xq9=ycK;`7i;_?nh1U z{p|cjUbeKOXSkuCaYI-?io{};x;ntUj6z?PTCAkn0N3?A7?WA@qAZ;3WfJ&s-9$kG%2%9u8uW=!r$S!!#a@5i$mjd!qY?uHr}I}o?O1LB z>L&SejiY0EXc7P+o1Pf840WxN>~wjjX0i`CfI^9~1K3k$saY*47$DyeCZJlqn zsqOi1bk`^fc!mGZaB^6D|82PS|Jg{Q{y$_!*>lh+3PBLfkXQe-mfpP<=dN*r7H;yu zA3ID@WXP z-sQt>TBzW8g>xN8I%4f94%wm=@cA=YOv+I!gXt~PEL!N1pJ^U>L+=wm&ni#eq zi`C~`nQ7U{OGkt5nRuqOo;&%NTG1k5mq9GWR*}KY zVwcph{5^lsMB%x9H3w&y(RAin7QcYmiDQ~Hy)-vn#Y83{Z^Y7`;SZ)zdo}>6H-}i_ z$w3fgtq`n(P5O{|@lE92m-nJ{NR=sK9i?H<)H32hojumA!zb4RFy@#p8 zRI<$wYxD`?Y5Af0l0d0YQ zba!uYXAfm?VRN;Ug%NTk3m5K&5do?Q9l1__@+|jHJ|G*Bw6w1~l*4zx;l>0ff6&8; zSDwQflH>)tUas>L(bKCk-U<+6Gv8imNHzHfMp07Oy$kHO(Wgr<<~rS=`IrN!f(%>;1;k z3I=1H&th&1UbQtPeIuzg|6kwx&*T2#K)3&lhvO~(-$WwzpKAVJ*A^u125V0Cobbt< z-Yx(Ltt$Uqa@DDX=;ah!XZA8^%JXT4V%1oAmn{Bmowrza3-X5Afe$FnP&gxGUL~yL z3GVmqLki*qPRa2oP>Z9fxM7jPjK>`;VEU}A$%;3)4!#GkvN=rNqZ9&)26-wDf~&V@ z^y-$@tlq=W^g0<(Z`kh<^Mb7s5nzf28>xSL+Ot_TC&t?3elZkps9!iNSPs^NlP09v zn%9SU8YR@iScX$&4U@o{2My(wv$wfuLT!2;{!@t&CR*LquC8$-nzq$|0~c}j@Ej%T zcH>`_i#n?0Cxco*A1w>!#Qds^0O!z>jzPXIZy`nhfiKYl>GwX3jfldgcF0d&))ZY? zz_DLsVIvwP#XUqvRfLRn_H9L|OSH4Ej5~d;S5P_;lUponsQ|g}3F%!hnP?M@4zGQ_ zsFlWZ0M?dS8HkXh~1Ta}G|9#W% zxe>57Xb`L*itd*&a8`W>I5ZxyV|r{;YDu!cez}EaZjVD`K@;%4dizPl;nK3>f~5BQjU6+KsXshN%pgP_n-vc z$x(kWbV}i2McsrSIZHk{I4Hs+{)_rm2M%wU1VDqALpu3x^?wZTzFT1w4GSs%Q`~#t zqp!AJT35OTOL6?Sf9DnZ?BLHQ-rU@0hNIr+PN%cu#)!QQeF9efoqH7eCx9-|odwKX zywtEzL!PFV+$&A~D5QvEdJQ0#ou%FM`ST8kZdl5+I2$mssA1@-?^cM*tS3NL^4YpA zse{*{T#wvD;cL@U4~4T6pe0fduR(L2WfByskUDssnX8a#G*uzfZmP4Rs*%OTL^nkK z`-;;Fu$K=n0ku?5x?7G7gT#MsKqftiGG%u`#*f9!fwE#a?*{eL_dYx3WC)Z5zs zH5#A9LdU7Wxbik37~UQNN%kpT(e)hN;K zCQ+2BpJ|V{eObc5B*Fsb9gr7e;w+CJBV<`139}L?(S99ZN-!D&M7>cWbu`0Kfupon z6IcPq=8}7HXpDu7y)Boq>>bNnGu2d#XhaYqV{lBIp zt<@4TG@pNyq!vbL+6>G8Uz!Gs$cN9^MVgIct;wV%vTOzkwS6s`?sb8u9qRUna1 z>AQd#N{P}^Tm$PFCEQkr++;Q(K{Gah00VA9fn_}*64ciHDt6y3p+y*Eki>jSY68&o z1W+PV>R_%Jkr1FHs!YxlXe8b&&jK z=u%e^gmvyrUF=@|4sUbBVGTSjJM~18%bZC z{wDByKwW6;&oZ!v#w%1e3%Uhp zdgBein(%I|7>Y477P0le!uzVKpS;x;>R}FBmOrGg`fxo0g^OcStJ z1|^6@15gchOnrLVwNzKrTu*B@eG{*VCv4KDbUsb9X3g`fBmS-XMc9M6bKh#$EQUmHnZo&Hasi+F_UPXHLT{=!QXn^yRx z2L>Ob^XFhH)PDc&f+(#g`MaY|&(X$%{43vBT90u+eKOIYz^er+lH(;ccNv{gekjiEtfTcPfEky^=rX%r;&#lOnC-;vC+Ir3rS877l2{WH)sg{tTL9Z(?8C%#&78^`8`TsIQ!NILNos#JOjb8t$_WwBS zO*H;LIGk+lKO0FT{`(3oPH0#^6hKUlo-OdOcyo9{V}9-sG2t3!%OnIYNTX>6!pMiG zbU{2&rj9Zcg*zWVni!BbIKcVo)hj1|17|NlX$G7hPp=*P@82Ev z3Qmb2VQGZKIUo^D6X-u*CMcZUcys740~F3KW?>{gpMQYflEe+)0ieU8vBJ=UJi^|> z&Aj>fhd6=sHR$|Z`3`+O{^Li`y@%3U#yCYW7O0}+1YF4PYto*c6dv)QF>|{#TZM$% zA#u_b1zxQ#1rU4>(QKZbfWAUVwb`7ziT~Ky#4w(GHfbZc77wvke=;$I8}hzYl)Q!s zkD1u{mS(hM4j(stV&?GPcQ9MV+vcg}QGOVLh0|xzNlCME)X&;E)MYDVTM}GO&s|eo%Etb9EC8<#Js={S>pbR*YHcOf-sRx z&mpl=Gx#ABk*e#>nS_N<#snUUY1skYJVTT%;2~8Z-P#95T-%fEeC+Wy=Ub8JXMF$X z`*V>uNu%-_pKK%f-Gws9Y%KRBeXrjGg~-(+>h&Vd9;9*G*NX~4*^T4w{qhbbAgJN5NoJDaIM6-uqFb!4*1Zx+#jfO04t=m#zcwcN=<{WWz+p;K&Mb)T+<<$xAu(y|n6~ z$t#G?lAPy=zC$KG&&*~=I$a=jp)WtzLyB;A4)Vy%b2t43J_t~G-D0b1qlJ=^#%q|! z98SqZN`;ByGTK@-o-e5o9hP)8{U2{(=h^=ubA(jH%3{NJr zskr$8W?DX2g+X5XkjVmltzj~tv_1}Bo*MCgCXBC{|M$kDg8jdDxPAYBBdG!Z|3#<< zAkEy+$2v7#5oJr9tr=cJisWB*if$woOlQg>LOr7p_%IHl2m0PJ=W(*CNZb|Dm8X`d zfvuu$Rw67QzqH~1rDxfm8ts4flz0b)xJqq8P_h5}{X<>;A8yb8Hk8Qzmv}G{NTVs^ z$7H$zn{Gg#!76(SIzV?_yi~e;g)k7Zs=dp+a4u*Om}>96N#+xb%nx9fw=YYe?34cB zB5#*_`q&?C(~%&JS)Yhgh!GFm1k+`ZF|V5%xEI^hu*cMDkIB%YqQi%9Kkpr%7_D~< zp=YcwwR^%}+Gh3TdO6H{_>da9@Ci&&l4b_rDu7MNGuzZGwW9yYo$ED_0xRi%PmljG z9Q3#GA2*VUIv6D_c#0XpFO`=#!6!?igxcf$YD!O9mB>8#tsse=BqDQ>|AT(&r>xdAI#n<;RdioAj6SXcyKuMIhc z!0%}phSV(^0yWqNhhpF&r|OJ+ab_aAwdE;aE;XY6Y$4soQIa({2CSn0!_lEG|Btut ze{3e%=s%ufFpU!6f*D%D5ZovVLARMkK-NnMC%D1|D(OGL2~+(Qk3y9ci6SXgo5a(G z8xwZw*4G1j0Sr}G`?7!E)I|Z<<8CIG5ug~m2?QKLJj7h`|EKd^`cLP7Ie-tG_NF+0 z=DP`V;bW$DxQvmI8Z!GJ1Nz0821R_!D%PBu(f=$;+*xhA4^LI}e^hw?cQ82I+J82Z zn)`psu39&AL4dQsO>J&he9?HgOzvyNLPx;RgJw5Sset4R3aVVHwB|Z;EC>lCFGny} z9l`hDJK%I2d+~jRUWupjq!O1T=EFaoe=3xjdxR5miyOH)JAHZH`TI{dC5?f)t$mj| zfO+SszIt8s;S6u>Gj<_Buc~9%pt%|Ys<^AO0jPtf1mdasta%vyA-P2(`k%!C6TKR7 zfC~EGoAe9xe=_cG>Hj8DBl;iuFiC++eQrTEcQfEcVdkPR_rC4!yh+^|Jh5HEw-XbyttDWDJCfi3TF;eDfC-bSsd^jew|7d@AIHFYL&e%zq^%1 ze{&bXzPa{S5#glK{(tW#Aqr&uJF7boC4?;G%8M(?NWef$XIODCT{pWrXJ%;(ShKY*BAw#02S z0*Nw!Qjlgz6wZPNkU)$+CQ3fYBH*qf1&Ca&Od@~jWhe>(3|A@axA#9ck_i2GmszxMGvv8J@IV;B z+3D5o<@xK|A1^MS-`<>Gzr8p+uX6lm5|_M06kG2UeSrR%8=v~*G9kHRmFIfPG>aD2 zYy#Yx>px)P=UMZ4)6bJAE^FJ8&l|U7=dGIy$YCg!1YpPKe@hd>G87`07Qs@ zCMfv01D1~0L_!5&!$J(Xt^3M)cvib!gZ8w(s*9ksMPnDmvt0>VT`{Zs)K%hIvM^AZ zLzBgF&n`BeJOk{YL+%zaA@MTZ%uQx6BaQBZJ#ddgA1gN~#JZBHjAHHrDO{{zauzLO zH-W(U>od^r4Mtcq6JnDQiUcR`^)rwqOK6!8#R4XP#-)g}-1a!ft+B28u_K*2afmje z#E62UQ&qPIuP<*r42d_lqYMq@X-)Iw1lDn2k$p0htsj{_T54^8n)#6z9XO%+W8%d#SP^@ z$>4i~7I9GPET~HV@Avid|IuW;mH#%92&Fj6mP zT<~{D75_M?Dg95-3I%Wm{q^1d>x~cf_aBDC{`UN5BZ<)ebK+tH^2r5UO5*1h@8>WC zKE(RUODx8s6f9Hd*ChD5%#}B!#bC1uX%c1yU4qwz;r?ejYkk@8Pc`=cXi~8M9Zt6AKO0G<@}IZ_wm#X9yM$KBeFfu4 zh0J%u;FU^fFC*9g(GA?tgNaS@`-4e1P51vYjsv)WVde%el4u#%IR&WL|ARr{{fBXH zGTiR}O(eSi;}|b*9{#sD$t>nl!uGZgX7qE-Jzs$5Ne6}*Ot8!(^?)^p zLSql)4oDJA9Qikz;A0pSbH|>wg`yc9*-}X0yCvz=OiYCVNU2n)*{Tg<+P?JJ>;t%O zoG3oapx*<79vF<)*c&Xt!53F=YV}1FZq}20S+SmsMxft2Y-k8JZy1v~I9US5o_kLb`u}m{EBCl33q4ZY6N^VX8CF>k-d7yfMjndM-%}0K- zB(drK_p)ZX|DWpE{|fK_5BvS?{hy7bQvLsJ6f76;EO61{HGds;jkbVQ5qw%{7%)}Z z&9V;lUH0&-2nLKVyn*bW0q+Ue4(;L>%F!lsvM z4-ukBl(q)PdJtl$5bZ0~<;C>i&E zKCAlHXK~dV?|Kp_y==czzzw&0kmFgt%O&W|HhAFPmF{nffu$+?t_BVdb#L6ofqU0z z6F(xg+W#yLbuH#!=l)mW{{LZbxQ+j{ktFSZ^Q=+|P|T}I19-@C3)`36o>Az-4?loi zl);55)H^Ru!n|j2A!5AnjNKxV1$rX4hhdn61&xYWpcd$eOhyQZY!TDPinN9b2&+;A zsb_1|gdZL+t7srKv7ZmQjOVwn!)#Og^cebIOZcm!|4sDxzvIKvHvZQ}Qjz}a!k_ZF zA=NjFeGLe{o#HDLv|4(k04fB=BD6ZvqC)2b>0MVDLq(8ONPM}#$jG}vT+9LMrsO8( zsYmVq%AHSB<^CV){-2}CV0-?vk!0Ba`p$2<=XE6yg|qUVSxyHCKFTRe$ew}R6On;% zo1O1SbSVl>zVa`wereQ%fcgAc4rfO`Ju~EgRNq`K(hbr>TAy~rLM$*s1%;9iv;b75 zIkLh!EoiAQw%Y&FrHnc{V3qz?eE;R}u(#F!Hj!sVF7!Sj#z?#U6QaVidtKbktw$6+ewe5|8;c0YWtr~|0mn{ z9~(+$`mgJNg{&4-zm+cd2ztLJozM*N@p_>I*Pt7kTWzEtsts)E`8Ju-qv?MQ8$cEP zFUJ2Lj}EuzzZ*#w`Y$N|75+%+Zwr#In*w5(v@!+gsD0h$0N%?ob3na*OP3`ox=c%c z<(xb9w=+%nqUi5Lfx$rVh`42dN$XkNmo4|9`6E|5G^spY%tETl&9=B-8)G ztTN$W`CgX|M1Hxep9-~(1zm!ZV#Z^j0oBX2Gs_p)- zd-nUMTJb;h{Xgzaw)+1@lDhv3dO!cvVAoq*{RF7>`uM3}Yi{(qUVSR?nohbVRh%^W zRZ1l-_kWVrKK-q6{!`fhqhWu`|2LA9{m*8V@BO6wexI`MldSPsj{2Z;m0=IJP^~)- zSUUq;i~-C0RcvXXHdSAv9MsUR236|SpoxAZ20+rV2DNODTKHHBs$g*x@aMr$sqaFBHeZl zVWHh^N%w~BVkWv>=Wgk4nyiXaDxZ^bdM&h1R$QUkX|nn%MbT~g0;vxDk6a%n2e)nz zG=2G#rb_*Ptl$6d_qXpqZzhqKoqlyu2w<2c4{?M-`tGw7@*_ZZiJLso&>vlJf!RY4 z0Q$5ViA6--7YZK8>qX*H{+*jbA4L3J>1c&~=(DIIwb7UkHBeAvNq z5vEkjI>-$ldc5!W5*(81%a3%GmYK%7I0$<03_PS z_EAdkaCB5xaY)0Sbn0NZio<%S#YwctTokkzJYKcY(D6$3unS?9&Z8)6fgP{f2s>V> z0=plVDBxkV!YP_9+_-v`$L{+OCS6ejw_#n~c?&7@5}4HnPm9-topbjpe#pU-P&zrA zEysi?E3W57%di9^C4!hR+M8yL#{MamrO|+V7zfeA0^+t5UC)4{T(*E0ttTRqm$vD` zMHHs6PLp}j$F!JcZU(2zfB>p&R4HBBtO99@3Bn#%xi9hl!}1vNfsW7Kcj>-k!**ZS zsg)bcojQvsxpO_+(kZJqkKH!ago53?s<_BwVOn<1hjo89XjYLm8p7;-l-$QrfV>9- z*5820x=m|L4dj2UF|{%PRLK8>(NI7C>kkLp`(GPLrGmR2y7RH2LdzuvC0?kknA^2& zavo7#xcup<`n5{~7S;!&zkyJ{ruw#OgBA_pn492hf4)UCpqwtVXvU2wIc)*4o2Kuh z#80W#0{wzGZWOtwX$O%LW)7>1!hb_Ai<0uj6X>J#@$C{YHJejlWWpGV6SKECA~R?WuKC`caPEQX>t_y-e!8t{KYY@fjX*B>3~_dojM zE&tz4BImz&hKU`Yyhe~k^puuwjB+O+g%J}C&8mY`hXxcjl={_+PR8ZNh7xbZx~-di zo9j1QxFJ)!Vas*OHuWFT0rjN6{;1_XVzrx6gNoE`$`pR6XhIj6&_BtM z*jd2L_1(-p*#RJQ7x2Wg$8lcToi2j_|E1XLiMP`pb+p;D`-6WHFJxiehc!ZVRXL)#cS+vZXgxCgv$$jiZtS#*> z^orh>u736wfKFkOB__uE%q~2$E6}*>qPueM0B}7Irs=Pd52dNXjR;^Ew{Bic;u6j^ zbp78Fl)+adEFT@=cgsjt3NbBBqh;c$4J7d05~i8*4J)Tn;?Cr*kk(W5AEn*n(f2U>z$11=Tgi#M0d_joat^7AH%(qX=? z#i%2$@B?`&lLD4WWd2bVG4j&lj!;KoQh9;5Le-F(VAoD)>4Wb{fCW4bocLgzUaeq~ zARmG((ngU4eIR2cv5zSTqpZ+wSAo>g*pd3Mse-Q~S9DmQ3AvB*^%(;^;JhMpO~E-} zk5WQu`t&CEwIMVyL`+uYC9rFhq<%M)^xI5L=>I%+pW^;UzdzF7|LPBi+xOo$lAe_Q zlRI_mrTp{Qm1+JwO3;6zFmr>e$Uj|X5xF3j=o|pATnp`=$F4;6G59w09@i_Q^rDs8 zG(N}ciKsi7oV=OZ6rI-F((>O&YC`|HYwVi+KL*1|LH^(Re{3ib3MbS53-%UaDfKVA z5m30^T*d%cAy}LK^QRJR@5SacpRZO6-DlYn?dNbz^k2HfXgu5|L|y@@5PD{zC6wD} z@JDyuWrhObea-@}IAC{wzl=+$y{P0Aop!83Or_dhZI+SO2Wr!r%_|F}`OwERE86q; z=mUB${tPA=*av%HmoE)!xapz~XL!}J`-^$VKWPjUwyeYt{BG6xZsh`(S^uJ+W_x~J@hFku>kyOzClu2HL4yXkjDH8^iqICrV z6<x4!@n;6!k~3#O4xQJ)2}mS3GyRWOUM0QfO2XCK zv(gu071aQj7UX>oz5{#W$e5r*@@eET@?oE;a-`Y^lx8TLk^bw{OMYHeVhtF%j**ZT z%GW02#g=p;PE`Q2qSu6qt4H63c572`IY4$iu04@}Pp499s5UcTHMdgySDBj7e`<_dd;E|7xL3IU+Z%7s|2L8f^#6uT@*0Rg zH{EvBn+N$rHaPn{T&ZTa^qNY|86E3=s$g6Y#j`Mg+?z^09c_0l#-%nct^BAE9q*r5=)Y;P|N&1 z(x&8+*R50wlxEv$2E1c+l>@b>PeyauWUI|Jpt`*NAA;;kVqlvGNw<+r*jwtU=~Do z^a?x*XFq@h25yE{5X5dam%h89zw>7h!Wp?!4))>%PSFSGQ?tF_@wNraRwv)A#Yt_uV`9e&_pcw!nW!37YME|Nr0lGkEJJC|aiA z;`w>H(~Xk|Q@EWj@}YY`izm^)ce<<8i+p(SEsz`Q{y+Qq^zy~|%U3VD3;&UAldD^!?u(^|t$e6Y0<3Y>tJgAe#O4F8SX(J3D`+H<_L}bRl$(yZvr|3%=;SV10&{a?oNH5zoc`qaA!nrX0iDn+(p3Vsva`= zTn$R*s&DIYzjcp$T95l>Jg|G3^_ z<5Sc>KB}{u8SG|zrGH$qS8Vc4Yw<>tZe-!6KW;ac4ds)5nS5dsPg+SQ8BDXzushU= z-*63`?loLMJ-mQuL(d~G<+SBTl=wfo3B**zrEe0WyCoL=F#Ww-&PZ#$qk626x7IuA z?Q1kWfs1Gb!T*br|3}s6h%2>jGF#G+%(!2ZhKqMnvUqJ0TYG^`okv+*>$M{Uy-~CN z_C_WBwaRO4`>RW9a({&;@)LA3vYdh-dJh&+0>Rari{}S#E}oMxhs1!AK7<}MXuQCA zFD{x6wbi=BnoH213M7%v0lT(8oX#2c|_zyX$lhUP4tpxwC;0H>vLc3^H^IS zUX&!z%kZM0G!0bz$N-U8I|O$v;Bgc;QPQ`W>J8`d)(_N#?(KHc+3;p=RqSw z7A|k?^Vq1x(2Ul79x8nvONz{(({E+s=^q_8BIvk$NuMpuZ`_*sjWy;smYCn5({F6( zpnX1UB>&>_C4IIqv2klAHr5E+SYcwlc1-MO(n#pVN0nREyzQZh1VFX@Wy#Xi%ZknPQR?^6b^c!xq zzMWi;Y%FTjnnjH?7B!MsRKMkEQ~&U&*)BLdD%%AX7Bynk~kL%I{%`@;kJV3K{Mnx9jt$VV_53eYOzVVQWG=)ClcRA+&A# zJZQ#T4hP5j$qEtUz!WmudkV7*g)_-Rd>SSED_F+h&CQR%hvagRb?__{d)S&{4>gKC zR48`4Q`G+9pwS^1E?=@>EL45inyL>9n?$DSeIr$W@#cceml{fqbhepk9G52=6#PI8 zYn~gscPKy^qWljxM8NhMF2J5$x*6Cu-JtcR8)%zupl-Ut7{*By!z6gX3w{{`_#sQ& zj+@Mcb1v(2!-dncFPwpGvkY2qmVvfe2I^)RXavBIJbHkd%^|>jbOVsT(t+iJxl7I# zKD$e11KUm-wBAYm!hrP510wCD*RTKf1Gstp{Nj=f z!Nt{2?gHV3p{#?3d#YzYPB5Q8(u|hf?#Z4-6q4R;BPu0SDaZ=Vr3tR2A zW~)7ot@aeQ+G}Stn2Z|sc~sVC3s>#6=Bho7iS!h%+R|J&Y39F!%a`=o!a-X5ZX9<9 zhgzQ*2f^&4GdMOePR<~)h~WMJ5*S7+JPrhUhVBCR13<(9oxem$M`F;Bunnw)4Wn%w z37pY-BotnXA;}}rP63(p8#1uIm4RUdZGCRZw2!-kvDW8_+~=0Nyw`A^dxy18a>fl$ zK*#nIP~3Ujc(xP>j=O`AHlAa7JlhEbu<9|mGQ)SsDhER^|z%o zaNHgAwf+u_{cU%J0n0~pD1_cMZs@)mbItQPQ=gC2KKGA}eP#=p3r55t z(??U{rkR0%`*$8#Cc%HFWY_b{YAF0S5ss|gFv>&qftPbbq^@&J~^&&~xYjA?ikA>GcBXc?0U^kED`ABNro z$PyQY)(+X^wSH@Pt*^;z{fV(d_Q}JuHacpy=|)Foo6aUg)s%cqoz#S=zAQx9-HWtN z9yT*uj}EP7>tpjRZkq9^t*9^0QLBzN6AwqW+f4)mSyWQKONbROBoWtiHwf~xaoI^d zi@@u%vulcNLleMgMDMl1FkL3l4Bt&4P-9}OcD@H*0NrpI)0j($Y+M>d$Xg~TdjK(3 zP+f3`GJZFM_Lp2m$`Ul2!Gt^D^ZSIhDQI>l373~O9t~JS$F0%mxC~e`xpFibmH=z0 zz>fxpWxyI@Hc&8QbEVL4vI>0|rz9{5UUsv&NAIbH(fh7-&D+GocDLBY=GIh%zAPdd z_Rtzv)>=lzCP22k^e#q4QzZJb5J^mIW^`<#U2Dls6YP$4G}OsyPJW)AB(9NqSO(oD zfVPr9aYaq^lqJtz4au`TMYD9!CULeFI5mczi<|w<&}#iz2bHyS&?cO=0u z?rLVQkvtT-YC&D5nKZ!_zyO8!(5n8~j8^S!Rw}+j8DFc#LS37~qh^kF!y~Js-Ld7& z>bUKZ)v?Z62F4Du31I|1&7#De!Lz_k(@VTMXOLX541Ji8SN8e+JKFnZlJ>C75Nj1W z+V)_vIvvQ(MLsm3rJ(r5>v)^;l7<4cF+2)fX&daE76Z zxR?E5LsfD}R7u-9Z>XXVsfsQz%?d2eJeKD3qj6gw-LcAq$K8oMmPQ|GdMtk$$F$!K zuL2D1R{_QrRyuCWO0^&pV}+I4-BPuQ?KNB_y^>WjXclGbd${;89Aa}fQ>hBqv*>{I#2Cf*V z;NTdipc3O0*fCD_AWeu`Va}i=Vgjxrd$7BuvJoYmt(1$@N&)SU_EU@cBd6gSxT2zh zgQKE?N>o%}M@9J?UPPEF|8KWYNlu_}gl|IJB6>%-kTWzI2jlr*q-JB!8_0e+rebsE zQ$N^qO9h*@RI`p992}b!RARFNJ2q?6R9CiCuqQtSoA{|&%MG3yo8?yqINTRNidV5}@^xW4dfh&qCI53Jz_MBFx$G4|vTv_Y?m2rVqDSMz1 zL610v?FEAm7fTkQIi~754QGO_NV=q)!|4w*G2G9h=?$G0P2dRN3Jwk63cQK}JGG~w z?yr`X-2+agOwnwiEERVOC<7-M&5Lqy;h;+0pniE#++;K_%HidDsy1T?-&1IqsFfoHNIukY$2t2 zdHjP_ZojN@``d5CTxNat+S)Dw%_?2H>l+kWvH0wbJ*Ji4eX7UR?NRr{QCS3KA4lIw9 z^XZ^WORyU)E;(|z7%7v{-;Ipsljh*kLY2xwesR)lCc`Dlo|1yqt8$6IotCjAxrtlV zheN0tSI#{J$s(m!ee89K?+Jpa{i?Hq6Tu<5Q{`y0#{^P0t=RqPbT9jCI(3+5W7n}e zKKR%jSB~9r_1JYk7E&_Nru*GLPhHo~W7ly$KKM8vSB~>>^*HZ2(lZ`uO71e8M(_?8 zybX3ogns|0F=Rxca#4TK_Jy8)g?f7f*Xlqd*}cmB`|nHV{Lu!%)^foC*<3kmraal1MR}>>hc~a=*AmbnpnCv(xlQG;h zZCdu=Bw+&5h2Bsu6o*6liTYJ-V=0YRDGLebx{kJfs4cQ{5T^URMm}{tMm~1vjN?Of z#&KC^99MM49i4;I{lWvLDmtKCm6;|Rlcm*7yqe7Y;xVQw90RajELSOefCwk}7eP^? z7FKQ%`>A}sP6Yl;_3G^v?KgD=`;8r{_V`d$TXw7{4kf*z9^e8}4vN4l2lgVHS ziT>gB*%eySG}TKx+$(uzI-EG3^^LMsOhd^!MiPZOh7eNmDjJ<@`dn(s;aW*~`bs*9 zUuDwbrBcdYs5mYUQmF}H2&=rrVv*NrQRnNN#smVL z363CHJU^XbGWL@M!=SM?Mw%t3{2fcK7=yJaWKcESRhYy|h+M8L%zg%j>mjVM!|EF! zYW0mOkKv3f7GF`V*k;o!!bO^eLKVFLW{0X(Kdl`AY187 zavXzup%l-hpGkolFgO$$j^njt67@3JbiahZDdhWo^ViRx;-?6H=<2mpyw$yWb$b5x zmA8zZj>GqTe>51t|9#)D{=YX2`rq^h{ZY{C4+gSbZ#eYF-yr`v2Dt4f;{vDO_)o@F z9o(Pf=LNdZX%g}?SOlK)h*PzMVq!~HW5p>%cTvJH1K`{e|kW_+-uj*BI zdHm|%=L|Fvj5uA=7^i53g&=9tMq)vEj^hz?G|OlVM{`Obsbh(0B1nQIx{z^!W<)#^ zk|@1Pfd_AuRL%6EFVZ!_;ewI}N#Y&Dv7}KwTz`J`FHg!&bfq4YlERW79sM(#ku)KK z@Dp_VkH7ce;pdKj3r)|h)8pvq3%VjJ#;IWG8ht?!toH@|NK$DHpf5*XI@ZsZ(*NYY z0OCcS4hQ3aX*xQ(k&{6=!ss=Lm*|b27L^@(^zroS-Nm~fPSDNki)(cD`t<4sU0kDg z?{CoCSEui8(9L`F@)f#xcYSmE=FO{fbbfL5>g?vtzX0R4%7;BV>Yz)=(L>>ag!f~dbbcS#T0Y_iZ&A-tX#6>D4{ugxH z`fzjBxKfr>-DvG{v>++u z|4Cz4eoWVh3bN!LdWFM9vx&?XEQ|A});Rcz?#bFyCsR>NBE$)rsml}3P%Vv4i%u!^ zXGEU=UqFZ&e-td5F4Mpfm&}A?*}uaQ?#ZU`&>z58u9Pe#5z3N?q>6!npaQ8EvPjA6 zw2I$$mzJn7sz*)-h64;?B!P7_G({A+RKk#Oj^;Ebl9R;_1b)v_<;JARoVD{~SD;Ul zJ0lkA!&aVcEaaYLs>7+pva|zYx+J+fn(~gGuw<# zGgDhpfiF$60i?W++%W{@e2mZ+G-FII=ItEEoJh)FX}@HaB=sdMSeqvLX~D>e;-P7u zL2-aJBFO_ySprh(0jE^r1FOd%fj!nMEOuaqQF=YUlC)qcU~ z2P#ln=*_b=6jRWJ!LU4gz?Xb|{aWrCH)c3LFhdwSyf@VxCtcAns)!H`9bE*lFgs9?ZtCWO9+7iSey2_+ot2^B~X|Fz0 z4%_wa) z-PrP#SLLb;jZR;0KqD1-8%tg)aDOC^EWM}6-8oImliY3DhpU9CTOtr{5FerUBwLY$ zL^@N+7H9%AtBW~Gm{3_;iYxGHr8*l8NAKq)%M!7|3$shXaIz$UicWYdTiK&Yh~Nvx zYMb(aLoWwaoOmK-nPhDEvwp}oFYQ9b0=DlZi*`H>8|dCkrsouH6X+K7!^C-xsVd8D z$j>Cnb6k7M@x0%TQhb%NrNA_P23E;IS*()lM=`rosx@Cwc+~*3`puHHyMZ=gld^h(Bxm>^FW=>7$sbDb&jSxT53A(3 zGHg!~_&tqDnIl_z2eeM)Y1(d?OYPQ4tNXA@x~6Zd_#}2tSiz`Ag0e}IJ#X2a4I6tk4t<0z6UuwsB2nMV#5k&Hv{ve zshp^bgQ^reOQm@rD2}-f@JJ+9Jzk0GS}VKX!Crw!JUaLoy-#BEB$%mFhbTuRVcFfH zN=P+YWTSAD=axZkxroe&Yp}|wL~YBMu)~^)EfL7(9{Lf-G%}nHHkIkrMrK7=YQQ8dhxMi}^byE|sZQoAXnJLhT3%0j)HM3iQ;z^|GMfEy7gJkbS!X-8Q4D zf*1I%4EF(QCH4O&U*P_5bkd)aC>Tt9>=QBw=3_h`O?q<@4Wq$4?DvMl-U!d;y>QSY zI3lBIFq!p7(IlLP{ct>-1e>V=?2@7;9rOJINmF@@f$=6=7(3G#aK)|wAemr1#IYJl zzOa8YEc_2C>Y@l?^qQsg7uh$KCKNi=9W|W7Ox?&Nwj0RJC>3CbF^g^9HgilB%^qB1 z0p9^}6S6uF4ZObR8y1@MNk5wSeKMTR`lIP^;7>=x{uE<>LMFkC%%Z;U4$2)(ovjO<*Sa#eC+qzBULQu^DiGgln!GZtT7B}0*z~6Bi&N{Xv>zkOyJ_AK zXapN!fg9izy`TXE?k1vgZ=pk2BL~G>Z9|TV;Ca3avHB^9I=OGuhb{`sa;d^i4)O{Fj=yM6R`nHqm~9{tW|jQ=@{J}J{@bUXT`Ly_IFONB(->k z;}FtR?_K8MX?RisG3Rm+QYZO>ZhI2Py9^2uvpI?gr_#z?v540@KTu9t@|tofY2VN# zxac*Y09@k={xu{Bsn%$rnxj~?ufSvwpYj2MDZLd=1yyH>C0`R7n~AUniLUIf$m+TY z1JBYs;(}hxW(D{Xe@43JCg53uA25x9mkvQu>R(1AwMaqk)-JeZ)2M6LwGx%e+i+?~x9D{f2_Es6^Vu!G_#8rSFya;D_g=aLTf|AOnZ{a9voqYPK z-HKASlK%oRa8}$>LsWz0*Rs*#g*Hr<329Usi}8mK7jj#dqaY+XDx$V596tS2I*+Y_ z!_cnjQ2wCl(#wn!TdYXrL_ZHjP1!|wnww<_+yH&JewoMiTIW05@w<<9_1QYn?b66F zxP+@=RHj(ktxD(NYO3{0woX2&kFApyRBLUuTfls+lUA?w+fVHlCpZlkgy-vGt_#um zyK8g*%iFo~YQp1G?N@~cE%6$qgtPd8poGVa-DfLvAHfop@?yD9I1$-Ob8nRJ28~zm z)pHXOA{c6&#TgeQ{hp>=v=E(xKj&S3`GG(mfNfN2`jLvoYt^!;mps%ICF)qyhWs0v z+;g|G(bbBEN*Y&X%d|Vg?MNl1tsu4ZAOtzhBzH zVnNKGkM$Uv+)-~aO`7TU&`nJ}yN1*@BP&kO=`p(b_X+xNbB10Xqs!Cl>yPIr=-Xd^ zMc$QudH~`vfBWrQbXGKgACf$LpR%R?4I$4nYXN_+9q;Dj%_?pfhxrNtL%M%+o6mxz z363ukLDD%6N!`Buz=@8CqB~?oN{kJ;*^{q2!)!hSE|_g z{eID^4wPCiRXL`Bifgbqnqbdz^O!)$h4&`l1DQct^0-m&U@DD^OY0r>6OybxGY zpWqW{PRiSpx58=$B$E=%*JwqT#(r8{phjdQht z89f~*xqL=T*;jXMMzNQFBj=eata+W#BD^qMV48GhnA1=N7lI1R=88JqL0_ed6q7l< zx4+0U3?$(Shr~!#xj;)SXb4eeXP`23(3$hqF6P~a2I-)y6-gomS!Id<(gF+5V{!7H z>Z5huWu|;W*&s0V75w)dCo8F~k>e5}k~)?_G#2Ap$6Xq{B#9u9vOd!wwLkek!9U8P z1GZ#`e8$UFOuU$dI0iu?g{(PTsxC0SOF>;|+6Xy1xScouXbO_Lglo%Z0bjpfy@VrK ziACV@NGjF|6G$G0ChO)Oe@8v9H|Y4gATn`ft`o;-4vO>5)`r%3p$9DuDOdN(dtims z+?}yP>z%RcUy35)8QH3(?kc30WFY!)*{ zi8WCF#6qSvXNFPz?!NS>S;c?0<(uCqj; z$lScS&efNE3SP<+T1C&oUXe?sbaN@YbfFxRi)Z9o3H3(DkKJaQ>a?e)rhFJvv2%V% zrSX=;kWy=RM##;AR3U(Rrz2biNtZNH49e1oq}y{y^kab=ho#d)iY6vJB+ZgGJguOr zK;$jjkbaunNsWohV#(VKr9jx7(UtT(mTcEBUZ;Z)YAOb!gh=v-Pk_ z{oYnL^0Kta4H1?-o3NK~qU;3an*kkBZb~g?KU}@JmQ6EGtbk29fb*B0jdA0hbNSB7QfnP7zM*UY-&l z=lYz+k9f^%v{mAct4mXcy~o;^j@uB{k<^w4WQ#DXGxUd1FbI4Sjl*6v2<9Z}O`=)U z>y5{=@rZ=8(L4;sqh2qVg@axc3?keQ{BYp+@nA9>ZX?KAo=2A6=To`G!Y(&&IwopB zJz}i)@@Xg47M7Y4R=N?a3Dt^417D+Wc)(<9G@nX*&D3(ANi=ssN;B<)F#!bFMyXFQM6Ex9ff#1$;N$HGEq({wxgea5U?Oz3C7SW`mFn!_jy?^TWPB zod**?7!CV9GK+%VD4O^2I2ui6gZ^+f4F{81;O|D2+5V+Fv~8Q;Zu~S2amO&7JhQ^W ztRqxh)SATSDy{YSZSDf?DHY=_t5`6tD}tksDHY^>5-P{%Y0)xw$rl-fJ4<>gbZO<|?cs@$+NnTx<@8 zlBQ=lAnNkRv%Fa|$O8nqy_%q}yFlwC!?PIEWs~`NF$Z`5BTjV97ATOHAkz_rvS+)n zPW9DF{#_2QO+;5>|g3QK~#3-ic@oHcVhtLF9)kQfpuSHj#6c3}f^*>)6+u9MAMk&dPXHHLvM{eRE`b2N)3%BYIjHF8%X>x?D`htmoK|2Gd4Op^WdVGrF=#_cASYHMC|6q72W|z5?x-*2!|?@fdKUEZS zjaI?kZ1Yt}`42FgDkE|m(W>D_16ohyPS$e;?^ib1_yVWk({H{*$`i$m1IHi{3_;ht zOnT{|D*hz-2Dl=c))fdvt+yl*%^L3sOwgfjAsA}CB}4qCm5cZxsyu(1y*!jk~PcVE`ythD+F$3$khWtNRLX-Xq`SmmhKe)gV!9S6-^%&D#Z0oOgvl0V6g z*Tnu&m;T8a;Ln)0y<*Yn)-oXtH9Jfx%X0q%3xHU_-t1nRqth{XCMPVL9QDn^uc_u>@0$p)bhimHaeU;MUVv8NF!35^_ za5}4<49fR)r7=Wx25y|j9%Z| zTeV^0UnUwyYfHRd6k4?E3?k@X~N1Y7pK+tP2l^S67@d2Tx(uffM!+JFw!JX!#;Ya?zjzM9Z6l|?0bWvB5-fqBmN`` zqo@~+LVr4&&!>ZF7>q+Qm=DIo(QHbH-wXQlNi-RZg5Gp8nq%DW2g6YxH>7q{2r}ws zI>S!BHC`R0>)TwhSY;AhzrUnOWUA9hSYB9s+it3t?OPj76FiOU31Bx-tG{hD=}+t4 zfE}Sf0c-*9fNY3;mJVu#J4n2OZ<~nY8FX{y6Xc)u9ci5q578uyGgBo3&)5UeS89h#u|CY9XD|t=~P7}({QCC$&<&M;DMQUy;x(v{I;i~)qD9p^f zzL>d6u1#}Z98NH_Vyi4x@?P06G_5!z0wI% z`ebdZxD2?hgwhQVSo1(R)#Zk8vYxSMt&p2lw668_!vS*|>oe38+pMhW<%f%N?Ku1J z_VoInt&@IfWiE9Mh7X*i=;9oGCp#P?l00-CaEeTIop@bB((LbpsF2H)KG2xlkykv# zF|fJzrL|jj0Z_?4^-7}c*2?sc@^0oH_=+*{eeU!&kD`Eo@Erp`qWarDzQBfx0;Vp^ zPPM!8`hQzo&Uw41RqiqsZfruoZso2Ll5LuCUGV3VSp`K`-{U2XX+xbEsi@Kwnw#&i zwTi2KmEMx)AzxfR4BGO)BPWt|lcIJFg(|KE4)1GP3SDWn%)(=}Z=*}dIXTa8tpA|P z_vC-6)AGDUdrF|6IbF=TX6m)3o%Y4GU0jJKbCxdEkyqOp3h1HRVj;w8)3yNUhcd6K zBeel!!Xk3%C^l6Jh%xO{NS2WmZy1hV;ut3(N#Q_vXWE%1&`I}CEmE1+l9livBVG>T zc;nbyMYL|r#3ZV2`bHRgRy+c@Tgn|ds~u?~T-A;gCpt?Vxre|63xRk`cu3=16=suA zO&bqgt7K?f1-O-MZ`n}%^%Y15ztPVb1=#<@k!MXPCZ(?WB3AY zgxdn(EhHJ5XQ;Fj!R9X`o^*g*aaLQNh068!?Fs7l9vYJ_dsH3t5U8;84#edLEw?p(^-R-x2$GPRj@ zaaoF(u%)DZP%l?8`A!PgnHH|c?UJl*qa0qlkhvBar^de9=#gkJ2Fv{qewQWR^={C* zki9cBQYuc53nJItE}p6Z7TT1tY#UHGUQfHJMR=BBE9=uUkMeSeg@{b$eO;ryjj#ej zxe;0<(oQ^K7lzKOU0MY0xd%7u=m1tk5CUJD%5zg%t(Z$IXh^-P%_5X$i7Gj&A(fuK zQ4nC6y}J~L92fxA~3drh`7ucD6ot@QQZjVIMObb#e>8yJAu2q1Szp zS5iCvsYcV1aE|YYD`NR86V&N#Ajw%=`gbFW#rimHcoo;^cUUDw6fK`xya*t|i*^N6 zeLF4KipA`1eZ7)K@mXFlsZO4GjnCENkSF=f+`*Koc{AWU9N>3~8cyayU5Lg2?!C9x z&CS2c8%sa)^3_Wi5*#iNi7335lBu^`Om?^wB#Igpw+1B(Zt}8=4OQ$NH4iGUzMR<4 zvfNq^m(V1l4>ZbfEKQYrQ?eXNNpgYnH}CUT8#i8ie55J)0p51paPLtDb=bv6fvEZB zqk?0PtB<_rR-6rZ8scp{-|PGRoX|Oa}9b-lu`IiWF;JCd> zGjaywMVBd)3wiX-Uq64WpCXj1TY5~oYn-OuGI}Zw-}n8|U;zL3eZTsDe=r(<(;M_h zL9ag;$acNapg;Zw`Oh=N%|96zIQ_;`x6Hv?$TW|ocio@m0YJm9Na@4c3psCrne+FSAfH7SeosmK z_ZAoHnD7N5qJ_HuI68Xq0&4$uKwQXQU%YsMu0xzinUckV9~~VXeL?RSdP{jp*vqpd zOCs}jkCc}uoozo~0Aq0m8;tUJhads_Qxi4+-OKjZ&tE@({rvUwdvny literal 0 HcmV?d00001 diff --git a/stable/authelia/11.0.19/charts/redis-3.0.30.tgz b/stable/authelia/11.0.19/charts/redis-3.0.30.tgz new file mode 100644 index 0000000000000000000000000000000000000000..ab5d8913ad0cfbb49e0a1481ddc5f8c584e8eb73 GIT binary patch literal 65401 zcmY&;b8uzN^LMaGHcmFSZRf_exv_2A8*IF>HrB?rZCf|C?fd5W{`LM&)v1}9#_2OP z=>BvQMSVvH`|knKfYBLAsW6*J$#cqi0XU4=G?-0QIjpo*0i22&8l3W)w$?`Wre12w z4*XJPwsv6WoiJ%=i?4!RGVMd<-$^4>klGtUs?7B6uWHywZiAYC;?j)SY zOT0(vr++2S?M53@>w=&UXOn&v{HPim`XFj`jLZjQky%AH+JJ4RfjQqM2QAJ<^L8?` z6-YLvAU=Pv_pb`Gg1B3)S*fOW>@!GEZD9I2z`$~$zD?~QWr_FZC~TYvtGl$}WC^*? zsD`|a>PHw!XVitL$c4Op?Brnn)epD&zAuR$L`?<4jKNfDL0%0?e0;H#fdmVAXP0$m zS2cnmjJ>OWymw_fF?1{z!Sl^|U&IBI5p@Xk{;O=UfD+-xT9|`&dGLY?^^>QETN$_K zw@Q{XDMV5(oE^<2B5{v1dx$G8@?<%xcR}VpA9(nb^xGVngY58!Kj&W)6q%- z?T;F1j1v*Ig?NR}NfM)EUGdkA4sroRy5i**n&#qf>PfQ*B+p_=`3H^YNefbudF0zd zMyXAwE8wTOS|!V;I##~i(oWpcBoZjWzT78`kO|JSahgu)#}A~Gfxj3-7Qs*qJ7jol z2KMu{^O-_5#hg+@_Ng}{!#=HH*R+DM?M6ri!uk0vIi*W%THplhAUCd_5)|@Yt^10s zW=`CoI}Zak>pmTH=RSe5yt0=Ay!P{;Gel_F&b+8)?THa^KY%A_UC;OpO9K8;0la7B zf(Vx-vCH|53ujyK0(8|PMRY0gD8sOM;l%n*P1no3D})dzxczWAuRo_{1hc8z%APt+ zjH!%|eBszkkOXIWabu{%wS&oKO=>fQ092 zIAi9|f))9pXI^I6g z9A%r2d|VLz#32=a`-Awy4(r-~1qby=)4Lj(2?iXFX;7N!@;XvEc)$60-V>@8e25_u z}(h(7QKfohvc13cOGuw$6+XQY0|zV$2N)Az5#egVch;NZDN6A+O4Zz zU=w7BL_euTAW3VaT*j^vfU1clYowq91B!jpjj}VM(h#s;4~cbY_D5o`Rv;UBn}4qzAqcmI(b0QryR&1=zFnnBGKpP9e%TrjHfX za`i{9 zvjFqAzWxcq%}6$HOt%Xq3a6jgAwLCy?>y`d1YIy-lCLNP+kq)i&@=eKp9vNs%>{1W z(yMx44TQvL+j&}5w`79fY2r1N)J{mQ!meW$uDhkMj$slq!|!FGCwT(*-#a!KM-7E| zyTnz0(2Shq3D?0>bw+^UPjb1#0RSk5(qoA4+~c?4=>%%dqAT9K5gk&rOZ|@@3F9ELG6{w$8nKPkxJCAPAWBN#OX+*lR9YR{lg=~t*rt8j$6)8y+OXY?==MX zJME*BWa;x5VcVu%2;s=7(w3h;bxHePwYNE$S=+If>e!pqoN-w!w?}WgQ`-oCE*qCLXdkMQ3h6s)AIqy(yfWYwAd{9 z$r2%@D*E{=r*L(5KCa^v)Tb$_I$4RS$#yXLX1HLi-uEMCdRc!H4Hl?2zXuO4=IkGfu*;E^#YVc``Q_P6IUg!9Dc%ZwY`Bg)FPNn*^=D zblVTNAQ@<$c-;Fx&xb$Mj9^BctEp_*StZwnS;K$E24q$Ip)-dW9rd+>|J<(J`5@M& zc&0El+;>0zLy(4usq?Hc;MNP1p|XZ|ohQen@ERFEeKiOmkBC}GDdQNGgrR06I^uJW z$IpJjw3S}6{53+BlSd$eeL}hkE|Im3NqB!YOuQTjUMZUBL;((COg%tiq@9)f*On)| zp2F6fnrZIUN@N_Sun)a^-@g>xs-GY-<-jov{<+cr^TF1;j1r2EkXD%_L!>9D!!=z( z4h1R6`!W0+{RnSfZ@86`C=yo5ipTK7p=sD693bwxfn!1)m%$Etp$-BKBJU9MZG^t3QJj*v zL!VrD#VgCTM*@&(G3!0>lQ8ARNMq4RQE(gPnjm)B>FN9u$$G$pO}#>ko?JX*T-9Mb zXD3Xhr_s+nq*B#r&+;JkA-Lny@K8m{m*$e1MbL3G_z@-Wgg;2qE zhC@1xat|tT=dYIh1Nz?0h(#+EA=EgtkT+qi9`E>N_znFva9{4D`}ibYMCOqw7gHJt z|ExQy%RTfwX>fFB_&}nDN46316f%gUKUpyBvWwt^8(wXQ;i1}l+79utOXZ5H3eErg4LnavK@l~o55x^c{~)9X6tK6bd+x}TvWH4>i=5$ zQ5r5&jRPfIbm9Kc;|baFPr1(8i-N4h&E;% z`&Cb~Mc==_O@d21HJ}*YCIm%2{)j-`w2zpkGHS-N{rAraqnv~qn2_rm= z`_n}ZCZq@h_>4ls(CKW2gKisJT_;|Plelghzhr4yoOw;zs z+t8P@u2vSuiK^6dP^b_;on+A_SF6D(Yt&+D#u+kmIcMb@E|DA1FSV_PsOVehqood4 zPea!@!5Ge8d8Ay~J2km)Q36*HZj6T;Bf*FkqOHeNJ#RK%FORDZ3cXk~xrxeK`a}zSBl-t6}NWT^&?#{ zx>@?B>MQEDLPuFpr-|-Jq80_8hmR#vzd-jJ#zF}unO#%J(8(R3%$`cdY?)x4&5aoz z`5l3ln7I@)NEiSSGStEzr#FlM8>8myeZW&3*p;h&4|Q-1k6ZXi8Jql4r=g+;E+yP3 z1UD9hK0sb3T8_IIBU47VO;U=9EDRtFRw`>FJ&Y-86P9*^vP82GQ&M*W)CIi?R<^37 zRR$_Ah@b;R{y?BxYAjbgz#IDaF7LSc3S>(x~3H7sYyD~(jl!S&X$ zsLKk#Ldyl4x{dvYAnzhv3k$9z(3ww!;rLtoC#fWbiV_4G427==Dq<6*WsUl(A=F47 zrqc*`IJ$#SNSTDOJc^Z$39%hid_HEu2uUP*UTGS`!kKM;XYsGYjpzHwM_M7g#t{i5 z+i0g%x+yNU5e#-l7Ge{Q-WE~Ta+aM#$C+WX;o%;6M=<^r=J>VbFnplop3Yagg=Qt{JXIUUU=l zlF?D&-J8ft2|6Y~vfF{_2m`>sPRTRY1pbWMi^kw^M+Y4J-ms@SXZDe+WG$;2vA&Er zq{L}ymCIZzzd~MWIlkX$6Iy|~Er|s<0zM_d=h2s&&h21M{8|-WVc%@Bg_4|w4KH19tPnfUw;A;H}MUi3+*G#5EcNe4QApKaJ3oaEsk%VMi{tMiv z8k!m$4uf-mOux(lM+`QnWG3|wgTma_3}%H9%M=?z*nK(ekTw8+6hkeiO)X8cmTVHS zLPzzIe&U9{i|*qP^*_ryTBAma$12f7|2vGFw`XCGYeFLKk`i`l{60u3 zNsW1~XpJ=Z0v<(E%e-tHNq87ZOS@8mx&Cv1We5UPF}ajG`8&oMQ+4Alp81Ohb=6p9 z=m-<)+*CR0?}YQY>8$L>KkH>ka~4X@6I&LE99PW6DEn$HhF#Wi)YMhVTCB3;l3eiy zz?9iR%_Q?{m8h~fROVtnX+1thdZp7UetYzuu14fac{IZW+|RKJOxg4UvIeclqI~+c zK@JD!w@BhXlPH1SDOHDJ4;D^RX5idM}N`+6)@c$qWyAqz(DsW3D%Y&mJ7qns{TqVrpPzcG&v ziDRGvQVc0%5l++O4_l0q0KGq_D{4L&w5zuj8X=>l1$xp zwX9Nyqf1zAR48Ik&{>E$s?C;Nr0AJWZHDmPZEuLoyr1Rctv}i8E#G?KRbW$ ziVc@&R_Vh@kxZ?2Qd5qTSr(wvl=2#erlVz{vYaKCXvDzP)+*cC+9r{anUHgGTC=!q zhSN+v490g-M%}U(D1*0QFN$Cl;J0D3{OdeDgphNpLK8cWVd10RPT`i!rG6Z9ib5Uw z+N_~u6oVKu;mQoJ%pihq#`8jL;q1U_w9=*re$r=mW?`9st^A; z235GtV#G--{Q5^>-M3H9m6laHN^MUbQxzr>UJ~g6op?88=)8p!vZj{@t!g~dZ>S*Jd~0uE^hANvilH^YmKhL^NO@HA`!uy>O)_hK&&Vfc42&B03a&WC11j;Z>g&50 z5067Q&|w!G)XQ&{S#)XIQy6knjKQM-O@!U5-D7KNAv^V7cxhRVkcnva18Sm1>`H?n zL8D&G%mCyt;kscSPu4gS+UJyW_2(*tWCcUlBqFFb_1N+C48!S+_h;j@s(3Dibp8b71XbhKO8Erb(;WAGy zW}GW%%A-wYu}l=VZ@!-+FH*74_@Zr_5#S0cC;MrAy)2DBqX)x7g=>@@_<3z8Nk~8b zZRSz}rx+S(b^zd|Em2}dL(&gb1TRbMzvq4{Qk5}&FCyT#)`Z!odsoT)v2_F&f{h{T zn1UX~B3stbR>J9;%0weIDeuX_CI$nu$A^l`iluEbp-wHlBed_6gEw!?%U6Y_YQOfvGiBiAJP#-oh2=DwcU$F2U*fLFv`_g(Q=+hBt9{7oarZL@AdPd?Qq15C%^|Ll*)F z3)5$sq&j68z(=g$`MnU*Dj^FsEqBr@T}mm{84~xIZySo`hn%tE$JGv zjDjK1dG5<>h6pp4308&py&tqrx*||zkfkZ7U}OJ~a3l zj7jjMdHgR^!7)wFyrOv+Vh5MFr{lxzI3}koKsBh0Nd{32%L!CM#sPh+k5oUzyq%L#l82g|T8M;}#& zVXYRjwCC@aJ}M!A2Skz!l~A&p=uE=)Mli+Dh6wu*RB4Kn@Cfy=M<@FqmDcsru{#s5Ew-_GLr(5!s6NRi)0Xe3N(=$tlI|ph00H0B z*t!kB4`suu)Cg0+ahCS*fiJQue#bfBR_NnH{cno1h!1Nbj^>LJujqHd6i~<|=g==1 zh5)ff7lBw{mNF~mLh%Z*h+T}eGh4s1D&TUZMhV+s!RX7 za1B#w$B?K?&I6stkkYQHoPSZG#{@&sI=TxrW)Ub&t%4tXH3zN4mcQ>*J9iTL1`LNz z#JQn5Tv2*|?rtdKprRE7)8%rhN0W$10KD0xXLa%?I7EV?oD74LT$!b$sUAtbA3b~I zISWpbZV!C4gxn|K|NbeYk}ErHzf1Q+r)qbeu3a4*dq`U0$6%$ip=AO@zt}XSmK*c4 zo`&Tt)pxG@F-J079XPe|6o>;`8l|a}{JBFzbs5_n#2o!qbEu#HA{n8^PE>NU7@;WT zT1*y&JEtlNTOqjB2E8E;DyWpEydf49b~Di46i{>YYYX#lii8?{zx1R+9Qe|lUdTs- z1%7S6Y6xbv!T$~YM?w2E4pw3tl(umRww%O=tQ6mq3$g~N=4P=$jR91R|MM`>Oc;Y@ zCd8G3?4Zibbb_3lFsLnbf~=`VCw^ZTef`wet$m|*(;x&;gipF|xbBaNlt*pa)ZV$4bms0c}D zy+W|4(U$dXPFqRDRV;&j9B|wU7y$@Lcf&%k0nvsINjQ;&+~eRkY_@%WkYSu>5g?$_ zu^pMY5AH3kQt9fNT~J7+kUTv9aQm=*-=_acQNT-mGQkCq$vUbA+dLOz+dR*v8Rcr5 zV^dp%1^qC`rr_G_qQMT~q=F8Y!!+YYkHLj5D+&v8w#KH;3u}#;tj!e3f-f}knH-Df z!sS3vlSPC)SYTEXK_pw#!65uT&ki178p7(R7V(f>xX~l}<6A!YT~hJ4k|6mT20J={ zBsg8!?w=rMLLBOyKd65b9r+CBjbzw-X0gAFkoYpgA*rtfiOxvBjU@ zH~)4Mf}9z@L=u$iG>=Q9$8a3C@h5*xU)72h7xc3W|%OlMYjRv1dTHzA>ij*kI0{hjJ zhlK!c2uVuA5!p&X{R3B7LMFl76WEa9;stR*)+Z*pSpv{9$0qhBF3EmiBCC`UK>1f} zv+}@hwc4_492USQtJF>Etpvc!!?b~tvjMwuED<3M!ntpOlu9l(iD3f9W&OBCdly+royk!Qof52N#uz{x79R*a2`<$=TLyKPVX$gA|uidH(IX_Fh~ zg2^z7PlOcU5pw#%F2RUKojqZVlV9OOElH*lS(JIiyczKSLkE7*XZ9$S7#54T=0_eOj(Kh6{yLIpuea{-IvSFI^1&cQQ-8NpngT*oyxYlqVM6AY ze0{I*EWd*1G5W~W_Z^iKkYFhG9rNe+zQZgQ{5pmf31x;YLrl!&lMDXC3_D~P0#Aws zMS#(VuO98DH1!jPBHFEa_NH1$6%LxV2eTBjNeEyYWd1v7Y~QpNUKrebpfwCvToN!5 zNck@|5)E3JM_0v(JbI`VX3_al7;r?GL;*Z#1ML5_uyr)ssImCN&FW>K4diAx>dPO23%NdXRe&oOcu$)h_ma4H`)bIkEEo zoW@4lMj~OQkZ~IO{r$uUPBa*w2YP}YaQfpqL{8vO&oyRJs$ux=!8Cj>a%^Ypfp}4O z;>jxt01EMd_7LDBSX2aqzIGA}TF#3t5Q0(#^7p-Z8yXF1Bz^998ydK)OM|Ik;7^wy z4JZ=LN<^K@Gv((T_jUTB2Cd7b2`XY=_6h_GhY&-V!Pdnd8D4}pZ4Gl84!O21# zd#F#YI=+R@4_?83A?5^L;ri9fnK2SO)%w-d?^tZ<2>+)PBm?okQV_B=wYL9T3Zf#! z6=`BgO3bWj&F*@|m3CJHCOYQ0W3$=tl~$+odQ&{ed|L*uUPM zncbL)s&4rK3hH3BAHNgf`zqRq!yjhAnR+w(x5=Zv&rFA4CrO1AD`~aOi_X)_*v*Gs zF$m>tYsE{W^~G-rMAE~ID!0TTd@M$;|7;Kuy}%wbQN;2QB9JceKqtq_B>_(m77%l) zkeKJ+7D5Q+9$4$mjU~wKaVuFw{*holdKeHE0YG=~5~Le^0j(wh!fc?_#JK*N*a6ta_-?ZF-BJ7Waa4`tW(n?hQ}zV}I_ zXwEY7SP3;som8}xGx;=OJ|v4G5Q#Y#mDV#ThK|E8Y|4B-6#nPE6Qk`4p#rrEGQv9 z*bHs0LAC!rh6@q#JuY5j4i#hCoc6+C`GLgE2>UQqpH3gAM9X2*Ud_^kntbkC$>qyy z_e8vg_gNB9qH*u{vg2I^ndnIMJULxncT1Bx&A3=dHW^r8FGZuB5`~X=^ZC=I`&(p0 zUUd-n_*?GVEyd#fnTIgA2hPYx$<60%xcB%sXM^KFyp?;&@qOkMnQ9X0QB z$>jmM?E(Q0RDwC(&;2JZSd4l!*qlBabaag$64@UQbC)54mxBJU-I*Q=el~k#FBm7! z&u3irOj0`IRqqxD$&+Mhw4W}IJ zl~)l5I_~~H`z7VeRerCNc|}C$KfC>|cF+W$2su3ZcAuW`KmYlh$PP}^TXK2cqKOt` z!^G${9L|qxg0Nq2Z(FbI|2EmG0$J{cnRJIIJ=<*$osV3iB&PhhT5~6&<9Pip`)XA! zxO_h^T7isu?f!memylP!_lqzFzNs9h)*z?qH9j;CUyp^S-OPfcDxp1tMzm=;{f^5Q zsH@7&CX1Wbi}go*{g%smd4uzDhMa#4{@zDV!^54gTgRFjiHX3#SPMNg{i|a?l1@UguOh5k9)?!jY~1rb$FIHV+2Tsp7I>X1K~g#*yXbLBkQeEIHtp{O%#iazH?!@~M@ zzlex0NmWMPpMRd$X}{ut$p7Udk7(KyA$!~NHTg{Qv&HSg8#sH1tLgBruA-uXq#3W1 z=Gy6fIcdFo+2ynxNoN<(ew5l7lR?l8)F?S93@5z&`FxId)%|cb^HSo^V|u>!_Ew7r zx+n)EhGa7sRIh%%l`7&J6nl(aZUF@wht}a|$^g8@isg&0``w8Nr$_GNW7M>u&r~mr z52AOgtCB`I$m%Q9#RGFoXK|gr9G#&>zb%m_PO_J z_*+V)Py3OMO;k#yex;7at7-RQh^FHGi_FqFusvX9XPitw-EA7}f^eg$(`%k7a|=6Z z)vDm4zwJey;nliDmb?u?}A~xg)|}KJ6;@Vd`{0ZiF#!1YRFVs%jw1Ub5tkM%!~$ z#8u}GH?@Hlp6tp^7)q8-A2;8HvtJxm>cKf^nL$9JtoDGhLdmkl(dnyKv_zpq)E9&0pI61OrT&mQAOg5Zou$?1Fzf}kNdgil-b_+l;D#8+!n`2imNBFdi(tY z#ZZQwK_9e-Z0l-G|1)IDlR#R)eIsEAvcNMg`H14uBiFNgmyb8r_~jPCPwOrZ{Sd$= ztA5$$i@)>ub+}|~dAEfTukqF{Kb5ZFQl`^09FL2&NYrm1kNZ}R?YVFu;V1poxcxLc z(3|~eAMc3B)}Y{Wal>rs05Q&h`{l3?nnICJz<7$%6%Hdd!04=DqFmwK+#eD|goUSQ zPH7SCGvwa5v~!w6@wbEB)A`848S{~+{;0J>UNGBX<0%IJs5-}SA?Z$wsX?yRV3~7m z!9n>ppZ^R?zjVv$NoU^v)6nO*VC(9=>p9)WIY40c=D8m2{IEKl-`YX{>4Ar7akWw4 zVyUi8vD^LWVeoIWA5XpE;+S=Ur z*1#_SRHorFadLEc!0+63)iEyNc+~Qmw>o)oxV$y@yUj@n(DgK* ztiDopF?hQjN!A-h>)z5>$a|o!kc`8aCh|8{7`j@w$@Z>ab1>noy7qlif4wzkb^B8= z4gDPT(OQXtY(t>Pa8je_;#yWIiI-U)b5h>F#v$kr@+u)BP}vc3Lm{0_VECCgrG`wN}7qDQHeIo9#OBhz6OP)JV0xteo} z@myeLS5XS*i=XqAzfbJpDfD@5k^{_AwU?9mX4c*X*SX*Rb-hoU!b+|8>wD)SrOi@X zYGDy#2j@w;No=29`FwYkzP-HtQ(rAnq%5Y~d8vtu!_u>F#n4;Y-d$)VP{9T??m#Dr zC-B|(B@p1{b|hJi)M?YlxjVuiTJ6{FU^bSdnwpVQ;dj#)AIkLJ@=x|jpG#HKe=%TN zFEc%SO3}fc*=|!+%i$dK-XBG#c-V-ub-I+mUqwX3HnGv#as2VJrL40S)1kKVbjSH5 z;OE#|krA%5Sc}N=dELL03a{yeN7Nbr2?W^PhU2>yRp`734SS?4`ja~vUT5t2ykR~B z9N2>1vYCng{aL*~;0ouwwhQ2~+kP(!cYV@+a=V<+{rNfAk~>zF-ZyUrN! zP-yZfutbr_kOTbaYnqPD`8Z#CYjjT35LEdz^UtAZYF+4StXkSoT?A1F9MAl+qjGa= zX7H?2ylT$WWgOvIFq}G?Z#p0MEyj8{4=J7xf0gsQSeK6DTRdIz!DE%@4fAga;M4r+ z`*2~gw)G}7>_GXqnUlsc(eJFPLDK!+v!KGFv16Jm#>WzPcUPzB$6xb#Zb7#t%R9F{ z@rg4pVP#Qc53GO|L>Dyky1lP!AfP+xuvkvY8n^6reH|6PKP}?r#D6}Xh&U2RSKf>uK88m+dFw?3Npw(m>01hp)Vs?4w4aCnb{LRA$f(rbAvZWa_|ecmh@tS)U^ zy7nTx;NhG3xrWvs1Um(Q^$$Nw;vTQ`GdVvt|E8~UYaAV&x(s<+f2_S7=;>V)v?;E4 zS?N}JMNF?B)>mh@PWb-}V_=pmh@6wi(&Kensf?NS%OhyoJJ@&wGTq_A9PiAx7(E88 z>%H1iQy&YwRXv$M>TsNF%rK^a_63YOJkEC1!_cBKk-V>T-A89U!kV6qH5IT7K1E<2 zuVkgCt&j!WfP>S7z}n|3Og%z4JURJQQm@+I%|K1|oyFDKRL z(br``f9so}ux_^s06M}Z|La~T(?d(wQRdyAU=G*EegPBTb6;#@hC@P?8eV*@)9rAf z+34)~Ad-nyfxY~bTIS8l;qp{>tLbv0O)vS?p-@nPyv%rK5N>Asq)oSz*rntZ15T3Y zqn6__nY~1H29ND|R8zi{4x#VSa~Yaq3(-Vp5A_XeQSZ{?18VrvYE^sPeXB^)And$HVNXAU%OP77bQAk~Gu!)UVT&fy`--7D z+hA`X?6(Kj)@F4*N9EF(Pm`Yzqrd9>c7)06)D@B^n@7cSuIGL-mBr%e0d_;h^Z+=} zzd`(NgaT9;tT(>y=hU|{;x+wz0vNP-`>45@Kr>+UHnr}~C@0*-MXqZ7Z0yxjl=nOt z>(=L9yLbBwx^m%VS(;o;F7EO>8 z@Y;`VZqBYw4bJ)`9%tg~Gc)Z_-QoQeCyGubvzNyl)lJkdXkMnzKz`{>h?`?bdx_qQ=E-0|QwOpILU)j*k0cBR&p- zz$F)5k*~J>P*Z9No;^XPV~5`y9)Gs?t=dtEenxG;;!5)d$LV?N(`hupK~A^8^}O}x z#r#`QHE&z?MTUUA(pJwo7148>Z_=c%m&CYJXxzqo=!>Cor8`?mmEYO3-zJ{FUVBTg zW_O|YmM_&=r|{jhTvnIu$(poHEF$*&#mm1XBBtZ6!bG;~&s3PW7yRn9)~o&;o4TeeBuYg-ca-0YiUymRIx8bNJ1$ATDToeO*~X(b|1!^McXWm1bOUe967% zGdzx;_vZBXFhWVd=fU39Qv=UEkb-M^x^{uV^VPJvwMf*SBWwNjx8l_zkvE-}tVT%G z%ZJA^igkzl{-iq;#vy62 zu*OyN=+m+N8(h&qwi@K#Km1zHF`a$JUA$KP!Dz7ZFxVS)XYc2_oQ;N9Ra`SDojJ_@ z{?9na#B}RJddWlLo}CG}QFplM0Rgbjn?!$9_+b}vMy#_IEFzDH(kOunp@4_2Fnomv$lNh z)}EWO{VKhGG$jzf^6B2)0B#jf->M6jMuYFR)MmdRVy5H$yh&Ufp+qrOfEBkU9hH?! zR3=fk;DaC+ZI8IS#5x*Q(=+FS?Ctcq=YFoude7qe6v0O^_`_Liy^crWhjx>@?S=e9 zx6X1`!xV-p=q&RRIAfmdumlrgVA*y6{n5L_`R{{KANW(QWT|GN^J?QC9*5iVBa$r0 z99UyhFed4DZ$9;y+9^rZ#bMi1d`6{3hwF2nT*-U*v&*-(zgbe}{R!Hya!U8H2-RV+ zBHP_?@RLhY(8N;k{PNW9kg&4T+(c!(*QO+(26Uq-=ojb!zh}>8=5QhqvD|hAJkAE;AgtP_OS(MT->T&{qywH-1^Ya`?eXnbB7e0rmV4qaPiOQ z>;#Y+(Dg^3XTM55ii@3_Yd+wgt?GwPHW}n0ayJXH)m>VjWOYWojnv#B4w(Q?y}#Z% zS2@LIx6xUtfgsNnc_Qc4suexRZ{-sTcqHK7xYHUd+B|>0DeVB7vEFZHIDG7ST-lf` zCpdnRoVOt-NOOIWd0h#YbnoOI%K*)m+M;#6sm&d4_BY3ndYp#abv(>suNNEG{KalR zuPRJmUbZ7_=@gF1Y_z!`=qh^tJlXWws?a<0xOh49u{Cg5B3$#e|G39vuwSY&`?QlE z_Bot>^GI-;*kUw&DP3$9z};)_vW0W;wVFF_df+Gf{5XbRCd|wXFgJPw(rKg+0FWm| zZI>lB{Jdo5PZt9+S*`yTKTRJ2*I!N|dQu%?*VoOKVrnTm!$B5z*T7*SY_H86kNb~N zHah>3ES#m~$ELpNkK(r)r&lzuJ?yi)X79g@opVkjL>%phpZ-`(K+li+s^z)$j`?TD z@;9C5DtxUZ^|ygxrma)|n~`dcOTk-L;LF+CBWN%2h9le~Gl`z^?n+ty-PihLEf&tFl`G#pDEv>1esXcuU<>EYeurqma66J1$Nu4`c{$oh5T;Y^rkm};XJ*%%)>&Bt zHTx&Uwl{dvq=kX#E&K}C(^X^X5BiynPkX#(iocwD=}L3K>{rC^G}IX-bY{QTg)`&h zU=w0edv`kfuJ^>RzwT$upn3l|qH43% z$?<$mXC@fu2fB_$E4O-`cdt*YybNCOKDf&st>pFV&0fai&{KAO{k^=-_;ItD@%Qz~ zR@QaAQm|srjO{Nug4b zPc>G@>si4ek_`<1jk4%?;1yRln?^I4+jK(b+PJ)Y6G;yJ)@k=_%L!du($s5TN^F7Y z)n7D+hYUNTeytbShQP0ZTxw7N@5`ODkd^mNH_+ohRNa#{9vs)wku-ei(`K5bC5 z+k0x@;oZ5JRVT2DDB+R4+;NwoiqoC3<>#OMkh#dw)#ZHJ3Lz={l$;pG_*=3}@Mo@uioT}RrC9<0zVmJ>r%N)9(1% zEz_jn?Y2?TiHFo?QTb*koI@BQnIk}G`MjG2MbKFp_qkEvbGnRYcd-`GxF6Lx!DQ2( zeOw>7vgtdKBw7<>a}csNQ7k&s!$p}~eLB~+$!N<}8|T-k*@;n4Nx{Z@6I$P;^}2ufJvHQHM9`pdh@Wki>Pxlpy~Gr)vaC;J_(sW7J&N2h6I z44=nYZT)Dw5Hs{D8+0|8QhCLn{v|rZ3jCnGQDrQ==^es~uf=Q!n;LC&&F)2Lpoq_Ocos(ZZr z%>PV^`m4d$J+ypLS&juwAMkHzP>;d-FE8`OQvA?Umd=}OV$k$%wbxt6+QSwY%ftGG zNB8aFby19fPxSLmE&MdHc9-Euq+bkbEQ2-+Jf!pzmX~cVDgvIOM!5rrz6- z+C{xy6(v;;Ae+tkV%^H%??1u&Zbf&mfkS`WAq3~cO0HM^azU?MEWNh(OWF!Mo{zbQ zO+$mmTMD|TtdFZ;Hv{(0lG*H=m-SQrj{`rp>=(bMlZ(HnPX^1L5;5bkFcwqSo!usW zaT}S--V@ksSLTREA!L|EuAd!>K9x7B7acC0uY8|oQ$6w*b0w~92D*+lo45vedo==7 z-K$%sQ*CI=ipzc_pt!SYE`Hrv5M|1SX1%k8_hhCs*5WeUy3Iuf>5oZCjdplzG8 zseS?MTQxuL_S(02-}2JWr^M8zPLG>(Hbq8jBUY-+N8OA1t+vWL<`Hy~Y%%D}lF7E;OC}tnU-)1_{8D z()SoyJ1I!jlAS6{zqjR+dYX&Hsk>}YUyJQfp26AM^3u;atF5ZDy(vGC$<0U3;ey@U zNFU(mZEexZRnY;{8rS`K2oV!u>3G>{`P1r!Y{}*tCx^>fzpA7%Fl*KSsV;nNK0yq^g`NY=d&~N{iNOXr=Y5mTuehxCd`JF%XNM|s;FpI7F54#6_t4XQm0wa8nQ3#j`%RV&=^LXx-N~mN+FA0n=Co%D&j(OFG0~%1eBhRH z?Tmv;accDQezYy8!LRJ9(7W6m4|_QVc-VdRdPC>3Cyv}bi;z?M!q<8(A#;l(dx&+G z?s6C2@j6FtvBoZ9l3fMb*?xZusK*8xjDB>K+uv4NlvQK}LA*AC8qYPfAKk>Xx0G^>(L0WB=C+QU6^3lS^Fxm49LP zuYO1D^VnL8k!6(Uh2ob$XBww+sIU zfUEE$yTFtdydiR@iIjoCTjD1mfDUPAN zUc^)>4e_?TAfkCZ`nNTdiX(>aLwf|HIKR+Cmw}AX9>R!rpb&8!Nx9kEc{y%}NguHu zx~!NDIKuU~m~=%cC}|4$TjlogI#haGxe^6;NwI$9BwZCk4nVtv?TcO-7xqLF$nT{q zlB);`xvF)@O{r2p6;=3A)jZKWCG{7}F(l=V@;L0Yo(~ll5eAZRndjF%OKGjM?RX0TXL3Ca%mM}kl#x> zarQRVC^z79Acn6w1Y&vj13yiKGb`7ftYGQ_#gw2XU&(YF^7*~Oxp)swx%sz8M%~ExnqBTk3^zhk>7jsmM0_(sqp955 z36jmnS+s+V%V7`N4Ncp!>5lpa?NL1HA0n9p0RWTSXht}i4jo^TYu86|R) zN7#3SM>G{ATB=g{s$REqqXnE; zq5=M@SBwxK%Io6`3Zi6;5hhf*Gs}m)n8aWHOi%Dnt%v+=xrC7>k5V;P&IJcvVGbB*h_y!o97VrOHOv$e7Fj z%J2&@EuT+-X+RmeNUu9rBJzjm&;omCvmE8$&1w8%!shC7mOpKMR4@I6^EsKympv=ebRs z6;20Q=hBomH2tqQq*a>r;xm%M2oa{jqv35Y)*8SPXD%~31KmD=P)V9rAX`&Zp zu>D4!k(8T3EL-J%h!?j?V-LkVg~0?>`{Hnn6G~EPLquyYGtvjykf}XC9;(CB6pM^G#np=lK>x0s8||Njx1wFlk(|3oZyjV z0ZntANiSk6SPuCVRW1l72Yh-E$?!kX9rt?aval1gStl+MXeer*!Dj&B93YbAf8+ZA zmBHrH6z@w#ou!HHh?YW)uiC!^TTo<(sj_???rEg$F}^+|GD9HgjAU*04gmzgn?2d! zN^=xX^Uq?>!}2M*WdYhHlCZFd;iXa`sth~=8{z|km7#jLU`%GKvJG8$KPwp_JdACH zP)^;lBy1#i+#Y>YYg~$^xZ<`0a2`BNa6^|-Afrc*5Zt&eY>T55BqMf}S}$oJkz@=K zIfq!;T|8P+oFHh59r6DroyPyUOWgkzq&g7^deS3Ie1FY5Zo~hjHybMRf0*<}(?9#a z{*DXxlR>H{J1E68xZfZCDMY`VM%ION4p0J77zlDb316RxaNTG;v=7-q9E3U?gHXB; zXF0^kYoCU6@-GUBz)NusXIPymitlXs7zt6FAT^L~F&p)Ii^-%ZK^0{*L$G#@7DQgA z(E=GOl|~!l4K4{dP}tN~5sIuYjor`{4&Of990&SpO>Hq)&j5nfw zr3_;7pax<;8dOhH8q!4|$1?t1-CMNwFU%zWg{Ig2!-vEvOwEw^3N&#At z535&xZgBSv=>$&cTCpYtJRbT=vsR?$av(2VrlI|aD)m#s)=wTH2(k)8J9s<@1QP(K zmqZjNevVTE02Ah$vq$?lXE2vm%oVR(z~Ov@o6BI;8_XsQA_rlBX2ONx7Q$?G7%`K><}_Lz27TNb_yb-q@Y7z> zS)l>KuYBQ$9dvW$(p)}+Sl%FwAgwpape_NNArkd^8Ob0wpHbQG5!rFNJS;N~X;Md* zieF;Epxy?JA%9~|ht+@xo7w0z8E`#D7@z|;;(80x8xd|bm~f-fX~Jzrn-e!-X3RuD zqlvJ&2;4*%^ez;S4hgy1&(J;&C%uV!I+Rb@(P7DP`Z<*T_OfJN#&l+#KIC450mE>E z)rw;Vv&DrYqt&dp@J@B;jYhr8X26X|j~ktOGiF0B0z$%JAuwol8uS*zW^=~z?u5Kc zA&&LXG?%D%L-~}w8>v8|H#$1CB5khS^LO%tGj`7MBs}jZWmm z2#D$RnA2)Bn+fQ2xy(k~WP)ag!=QJ#@HpPB?A;7+8D7B#{pzF%ky4OJ)U%PC%D&~( zXoKS8bgv{!ToPqf*r+o_s<7E=B`gSGCc=apF=Vk428YXNaT?7oJz>C*6Pm3ym&s(X zSI--|lBCEOjax{f<p@rYhhFQ&!Fqkd3dvUz}5s!65{33j( z0nnw0VMqdnKj|la7%nu^|Sc;7;TzpE-CIC_LdQb4?_vFpH%Vp7+ANBmrn4!VR%mhmInof$)I|&?bjSo^*-G^zggnPUu0hoE`KVAj%KMoGk4_!P<}_F0loIcZGjSb@}re z#3){|{1Xr>X85x6rWp`9$ik+HOP``8 zV%-XD(Fd)ABTA|;<1gDWuM5ixom?qIQH6!}wpSGq5ibf8532BDLfhau56SY+Li+Pf zi;?Zy7v^`v=0|*7=}kVo90Vx56eqoW(-U$@ekUS^4KQv|fbg$MStUhVDX$-AI5NDF z75)|OErLg5cp(fbB?V@456KFY=U&n$j3}W8UB&x7_}g}1&}c~67$$b~k)cXHZpl+c z#v%EA#bF`{Mubrlg!Y4r%XX|VDj=M#0DjUbZn^;k=@PyQ8iJMt>EzM?=@ZT}Qe1c- z5h=yH^z0@Y6OwEP$)tF0Gx*}r$PldSJ|9jIt=ZJDoDc{K?^DnO6A4W@iVU1_voUh> zk0n_%2tv$3QsFKpw5Jbe+yS9Y0lxSh6(MOlO-gX5Kk2QAVlXP_7(7G%9=;w#j;;G#^x=N#02W#em3vj#G7@0<@)tgY5Ly^wg_M4r^VmVF^j1~!35OnNmP-@s zQ917Ody$=Yq$msr&H&5NKF}>+$jhg-18Bo^&}`M2%{p^bk$8aSd^krsaj&-mxN*)S z?6nMT#t3cLPYK<~ry0%;%x1I1p|OWbKTT--G?5WyIE*rIL>)FXDUz4P^9B)h+xny^{M!`6_+YXO zF`2y93F30_lHk`mq`kj98)(hPFMPxCGqeM-X@H_R{tx1uI-O3yVZ69*LfvA5+xi3` zhEo7ml9mR1{5ypYhYO4KH07Z4h?Ml4d>P_Icq4u#!9tcQ(OpUb;>BcydkeoMzh znHc#98bd;rQ9c1}LPk}V8N8pka#Al;+7}W>iaU73$|HVBGT6UV?x@8GP?Re{K#?=Z zlz5at44cBJU;J(t-zs#mmK`EFqqIz=$}YQ4Lb0A~upcBy201xz1;9BDcY1>8lOIlk z!JKel$b~zFvJKKjI1s?ga0c0da3IW4;m27Pv7p4thN=|HM}Wdfqi!JqtYqSe4|Bo~ z1VSLzkQ|(UBK^3}9{hK3vM-tNIQ_{Ac^!;CR#uj8%+62>ApY!@FFTjbhBE=61<9fC zORs~NJ{>bw%3MGPI3&+PAeJL3Jhx56#TlH7Ot?6@-HH6woOZOt?T>%m*g--Z_ z-G~vbG$|l6oJ13}UW~MJaDR7HQGi_G`=P;Ke6IE3er-5%6Rr|eVHduG7`&ZTMYIsr zb!KRvM5yS7D(?!tO?+JGO;z6|Tsj@^lkC)RbXn9__U4dVI>$&6-A^b~N{A{I^bbX` zVP{FSS8|g!XiSx){~vqr-rcs5B#O`9`V@T;Wk<@IFFiBb(f+O?%ZW~GSx1tcyE`*S zhJYs7BM?9Ukg~?{cmJKPem5E*KvA@lAoBegwW!Jild> z_#rT9lFtR$e$IVtUJAFWZ_ue93%MEVDYJfY@pkb;f&obq|rD(Kg9hMc|#iik4ipD0|-Bkch%$=+%WHmb+J@mlxMEO2Z3z zvn@oSI82J16InFzA5n($B${Cq=TVZ}Pg9W|HHq0Y{H)XbVw&cZF8v@CvgiRLKgzHl zKFV-T9&6=zfV>wdoMI65DXa`9LBMcPt-yH?9b{)C-P-aHV8pZGpGYZ~<_WW;u%kc0YDvP8#61ybng-MY2f+P-b zTI4-ZuMLDA9t2J#Ls*!#v00-V!j+bPCayx!hmNM&aHn|p=H&Y4Bh>Hj2oj|(YhfC3 zVf&eN13&feNJI)kCv;kXeG=JvPG>ss;t{=e%v9Nf#Q-~rZHso9IK6*p)iC+Zc zc36WtQC*SbW$cxwoI0-DZfWusyvp-S1E9H0$!dW$BgUN6&q_pwICu;qT-7mIKs)|! zfa%oK&<`YvAOrI>egT=FV?<(7$PzD*kLd28`KB3x(a- zpJ7BOHGhaH|47LbWne5A^b_lADDD85QEL|Btll`oM6#kM+I>mTxI?Z=b^WTtQo(ZK zdYL76xMbng=`x(zW@>vj z`;W;qgGmy=FC}b7;!FH>jtij!rJaMYED)$AP73>GQXy*gS;fg=lC}uA!|u|D$cHdP zyakf8qf01bfIQLfJ&5ijkM?cW?Vuc)`$QZH$vB%mqYl_a&&26L!_gL4dh%`vXXR^b$w@ z<24SFILwdGKzJvnI3sY#TJI@^Os0kWAcE2ieG*MGd^65)P7$VGl$}QClZDp0+-B~@ zE>)j3fYg_Qw>`Z9A-1%AJUhKIJbjeGd!(K1+HVa)Jv?VWd z7wBaya(glF@b}+*!&L1P?8iAG1sYR68BP3;aIK#V(f)V4{o}!YpGt+aE-WL8C7Pxp z1~DmMSLE&;RlRWz`WqXJWAzRDK2!97x%CSz+Ut-+pmR`fOkw2DInuzQ3C?qWgrz+2 zkddOmaaT0Q_{2IkF~gv&3$XUFmkh4MW8z~TV2HRA=;#geLB`68T zc^pF2EHq9Yns-E9=%-0Kr5tluW&8YrN{=5vC-vc#A4PY5aDS7$PDc6L_$oI5sr$IIhl~i&%~|fpXrkPvj8&}>lSygdhlxV zNNZ@Svm_gxImS5)m{=G#l}s-_9S+Gy240+PZ0bmE420>?;Q%R5A%2t0P6BBHT(T_C zO>boOi*MA$G7FTs^*ZsxJ02x-`-KrS^Mz1HpI^R^5jM4hTz<6;f;6vy3cr9#&j8+m z%Pg7EPFEO}vIAh^KZ2TvM@sHi+a;Bp6&6HmA(w^fE^$yby@_1LC{Btaf`mg5P7)83 zY{CdDBMtLd3R+DKkZotiE~vx}{7vQ$ha|A9HUyziD~zuXx~Kx4ai}55E~Z725kFF@ z_8z0q9g_C8*#tVVIjTUNq})iNt8ajK6yfW_5AI)}OE@K7PW_0#xMK4l-!Q|6^p!s$ z(W6ihYalEGIFh0vElR{qmpZ#axuwuJznty8p#MG4n;_zj!!hej@7!RzwbKCRcj2Re zPL*~PG+Io8K~;ys+=Ic03-34?=9~^N7ITgU4bFn60~_(mqoLw>Fct@Zh{113)k(7A z$SMo*l|=yZuJ-MEngR^Xhv);9k3PI$|6bESZcZ;b1NiRcxxdLyUYX znJH_{I7A~{s1r*>`bF=qUc*;7-_%u`)_aC94-0N~Nh+At*(Bo@+fpmLD>n`@=r!E^ zTQR!eOV^y;4+``LI%C``7>8Ue)22b5&BP90tjTI5&I{~^C>d()(9$1LXaZ)VOJ_J^ z@(~@OkZ(OYM_}m6rcP%AKs;2qE3EDHV0feR^O&_Nsjz;2!z_t&+u#LqeWadx^C>Sm zDP%BDpdC~@O<;OdVraEkpY!=yxMirOVC=I-xHxc&Z~fapHndhN*=$~>37@TsK8?}l zaH<(?VRhG>(H291>dbfDv{ZQhJdx9u){AahDq4AVPFoHxs$sQHrbQBw_+B47X1b^o z#T3HK-zCME`O^S-q6h#MzA^HgC7l+@YZBj=$6gvOB*LB3kCg?+goI)A;AdE$!B^xX z4&Tr(7(SIo26j_2WVKltLDh=P$3t?jf4ToYXJ!_uA7EkjPZ5^hU>q{D_JYe)#bT=w z&|%V1^3xPkS)Rg&JW;G^)t0oLRW;d1-kx#>lrw1<8%SK$PTUf95ZeYi6vt%BQ^H8g zN8UP)!_HL1#T?pW%V}7L?tT(??);ntrroq?`wubd6Mb0;qoM=yRRv7nw=JJ=01Fl7EGq_gx{R$TM9k&eR9(jJOlNH(r%na%1 zF~_i{aKImw9Vro`3qP(Da?x|*77pDLKWHIIfAOg@@ z^jJEsAlFjTS#Yt zATbSAh29(yNfsQ7W2u}b#4s>d%;o!2zV82k7X`A@k=$KYf2;Vs@+4`uMWu`7Bf1>Z z2w%QGeZl|y>GB0#5iby)q{ZV)lD*&u-V3$mUcg}mK~Ly{0~-nLCMliiV%0Fo0vWp| zg}_L(FWS)mLZS#*ACQ~kM;T%*<7xmV&QUlHch_G)Q&A-BuwoV;kTFU~Z02RW7+~Ec zHVarwE+P1M>&Sj03SLZ zUZC(X_9rBuY#EE@#5_yHh=q=7z=CxC_tiBR-KgtQ2?A#hB?9kP86Mr!#Ta~@q8u}j zBQnFW$gjXURjxmcL1T(D#IX& z|0x2^gUaHA0pLSdi(=uUe0tYOtwdT<5(w1}6*_pZB+o<&nS6RD_X?f6PCmT@p@E~t zc2kz5{)l@_7K+y_)a7POBs>R z{tpM*N(s+k^c032hG8xojXD&IoT=b_*|j5dh5hiCj1>4SWmr}B!97xjauGO+UeJ>U z=jzI$a%^()FMNdl@|VB-NNim~0f}x5&JXVC@{%4; z+hU`0pwdi|txN%!E>K!Gmseu^?1b+?3|PY^g@il1Yw|D5KK=l$zh@)%0S&QV&{-ex zKs0Xs2_$&oV^cfRwDf}0TujohdV>FW^Sip;pG~VH_chr4*);wNm&Vt= zF3uRcLc8ZH*?GdlDm`uHDLBd-*UvmH)d}%z&fE*!bn%)5V`jb2bsw}$Sv2j+I~=}R zLOj#BJaHQeELy5EDRQ@yV4OU}EM(kx!lO3kxX@BAmPA~K+|LD$hEl)u4WZNWL16yD zC9Y2%U+TTN)+2L>iZ_obXnCmg6O3_iFZ?Qs?2&5^OiTq%begp5wJ-@FrY_gtC7Dpz zm?K<{4`t~PU@%%}5QO1DdBO4|{9kU}GR;(j9{>Xfg&giQlgAEZi|$Px zJFsWeCP!p|n{5b6R zaX~ub&Gv@)%YkH(q)C*F992Xg3Z+o~1ddy6dj#ipd z%6Wb%?0Z=u6)|)PaUA_H>~I7+MFMLO7eNPb=unCWe|CI^d2f3|>xZ0Il4?S#^f~Jq8nFx;o&L7Pmxsk#ErdN>f27Dnc+a z?@#u(898tRi4RtuE2uA0>kSi?X0KGAe=xa?8=kj}o_Q>;J~O1CT-*$2enk7;btawm6VhwCQfqQUtQRtcdXgbM{kTl4$qVYPd-ZARS-EQG za^9fQ#;{wo5XS}andKvo#Vhojw6SX=atP3tj=wEoP==T5WK%!SACfF&mpsXIBpeTf z>?9SBNS0LwhW8|jt{+GdjJ3;C{1Gx{ggp3jetUj7+mi;SuCE7n7zR%JX;-wknqma4 z=&}`KXihw`YuP4IQKW@SmcG+00H_G5#Eh4PJ~@q1PC^{`S`IQz&kHh|q2T2rAng^) zd^luz5~YzKV9bTgnW2`GS^mCagbh1lWLXm9c&4<5<*ah3WDcxyl7xVH*=(Cj&#=Vr z0^=_ZGUN=;u5U6@VdxI7YyXc3hj(V;vtNuD1+ z)`V}@;mezV=b#gM4*x~Sg;xK0sfIClTB|(0EAY801*=eAQOT6hwI@_l9nceYLcj1k zA<38zyk_$mB|PXxk)SkVjTo~b00j_Eo%IZo#7c!_r{hm0f$5+)i8V4{BcOfpxFLM6 zJIiT{UPZtkF3ur9f9w}>Vk!GTIe;;aO_U3|K{zm;lnxBOnXR;+rXtoh+ZV!*n$n%r zAIt3SB%@SOE-FoR2e3I_FGI06RZJ}aPwkSq^W`N7Ze!CnW)bOb}Yc9*5;fDj34 zqfxdI?A$?yMM^yOtIH&6IFQm23TC;ID6Bg@Sfy{R#edF#83!=`rdi*hk zY&Aq^oKu$5UlL)AK9KM>%l!|67#k?D6gGl3nOF%`4QnuEW*wl6F z9O4~r?zFbcWgQ4=TaWchpLOAk-Hs_svt&~EB+@uC#gs+Kh^e>oF-eh#4iY8zqy?u| z&oGJh>)0iUV^dxUHD{G1Y$u|peM2b%_5+c$S_U`I6?e^>B zp1=pXI!p_s8yOV>7SBj}eliw-*D_)AUPOs-?2|zsIF~~!^uFuT0#1>gcU((^({Hyi zVqE0ogn3emjgci&x(48NEb~=CTBiq6jDhL6Ov0sY4uM16=8$+khae$=FLQTDpbPB| zS^JsQ4BvdS!9#)P>XMN~LI*cG%9gPy^i$`s-h$CPO!IH#a^VwNN?=n3>| zqzXKi617zLt;@P}HIxXRa3GZYS9lj>ILtk<=mRsY6@(r0V}$+uk&}B^SaDKd?oR#g z>h(3xNv)j;bPitrKv(ZHi?pl7D;$!%eYY}Ntyzzt=xRGPp$j{_Yu_ziv02A>;T3l+ ziATvoU1Jp+c8wKYZP$W`1oz{F7H-`;Rkv9ORr%HSF;AkbeeYvsJ zqh~1jdNQk44=xIOx8)4V-6D+|x6$wS`v-e_@Nd80xBu-Q?hgJm*xNbS-R<{x`g?!s z@9gaD@BIn&pR?oQndXI`{i*-tw(QRRPM%Mndf#opF)jnyfLzHh>F=T`PBRj-2uNpq z9U!?7WcFT`lr@tX-8ZH(A_2c`es|v8_^$W)^Twx7()i9Rf-YNhUATMhmRFjGI=l`U zBGi4)7{F1K-1$+Ld_1KqSENwn1v5V$VYEr&5Py7uHVGhlbSx{Ak7uQ3j4a%ULh5un z8-7Z-w0VTQ`|tB^5R+~Y2SX|?&j#McJ&D63#4q4ZAagn8$X?3WzZ(-=_{;=NSa_3< zoll?8rk#fwUINavb&;ushfspd&Aca{KmQrJiQ`c8*!q)>Si|{mwErpV??4Z+h#4$qN<&(kOT$tm~7?QfVa2h z0B(|al+pItHkX4bLMGqi$Gr6RH+D6kL4o_zqhsW4#z}~8N$RP7@(%9p?P`5z8dsPrc&}TcE@|vOavK60ZJ6pHM0@8gzJ+b(tyNXQ4e5i-NwsNh9@ve&Rhm zMq7|ET^8Cz+a?4Y_UeX+J=8nB~0U| zo3^vLQL%sNq;VeB)3zBKZ97=1oLi&*7J{RFh&=MK^DSMu?#kPaV`h^_2xi-PoFw-Y zB2O6Z%?2LwPK7g(r?=~=8lLJGj*ILuO(>&5JNAI@Kw*W;UDHa+(bB6QJImPvStdxl z*FYgO$oghDuB#&&;Y-pnKKh>7;v}G4tP3#)^&V~OtHeTR0XQ|wiwqI|mG1?6CurX- z!U?(kJaNzB8Q5|(b^6HTzbb7@fkMMgOl^&Fem zq%H zCy6e=@XZ03vfl>(JsWUtThbK=Z_R*i$one50J+X|`0k-D`VGZ&55)!AqYVpq>YkDw z4{|=BQ|zis9vi=*U#C>6hi~jQ6zb5aHot+29=_3D8{e3)|4Adt-_DMDy>Dkn-_E|B zc^V3=Q3jp?+SWnUiw3ro(1iaFa8~qg>3^B}qpct?hyULh9PV2D|KQ-Tzvll}@znAE zbjG{PNP-Cg?5x&eVFN2$+FQ(}VmOT=`WM|}9i3FX1(gA(0aQ%C&IGYVBT($(9bOcMR%RTr1>w$ZlM8J*i~f}V-nVy(*k zP5(5{qgy&@IhB8qr-PJYi~{WmTCI1d_2_zlAnSzcjS%cCILDX-m|f`6Qy! zhX)4Jsbz-`9nd2GjIdY z%tERuZ2i1hKtr{Dp7UvU{6z73hgxb>IN5i8g_IAN>-ru7*b`FN_n z=FLV@Z4bvVcI8XX`->q^R}NZ(XiI!94QN*zNR2nyp1aBP?n25PVYkIH2sG;AoUUzh z++f`--UB5d)en+v&S+oWfV8VihNv22xrN1Ygz8;=NXwLv7vlSi?#~*MxMm%nM!731FbSU?CI913B2&Sofi;v@l4H<1TgK0WMmzdA zl>iz?9Uqi)j(#B%3rU|O;bH+XnT-M9eo_s4Z-Eu+Kh<##&Y`l?)FJ(vPG~dB>#4}s z%5L7AL|&q8AKuH*j` z({SS$Y}buiSl$f6u0k8B+HEEbAk6J1=MX-=S8UHbI28kCL9$f6o=qGa04h|Q9Ij`z zux)^GtPk*q>Z;m~W~Z^U;dav@Og@@Uhw#^OP6z+kWI9B<6{BfFnl~LBLhn2D5*Ij| zh#-5+!Ou(u`X9{kkoQ-tqgfy>7c}Lv-i%8>S-N!CwpQmX5Y|8Q*Ecip(LMm0ow9Aq z?F(g&V~!KIc_v&%Hi#Ty*ej*$21lcdb*>pA_{)q)s&{(MwZu<%Fd^JkC2yqreSWfGBq z-D*|UNo6rGye>OR8cve@=Z{%3P3dnO&yIAfbM97Gf6jQs3_#9iGiMgW&-U1SBKSfLy1S!h~m0Mu8do7=aF05EIq8YS6SK_#XfU z6)w91pOuhMra1ZFt09_ObhU_@q8_}IV6->g?qu5yc_H!nZvo5Fl_FE^Mv8T5cvc&wntu{KVSA~Pycz| z<|Weq!CsmEAFk#9l{}LE^DB%kkvW~jBQzp~Vr#c8B>*BZ3n$KRr{0VFlnb2>`bEns zPKefwK06DKnyBR~MFnL&+=is;5KO_{g4f6t-#WZL>7G$WexaTHgAF5H5Kk7Q$uPpB z#S&rGs@&ht(}@0ym{N-Ao=|QB2WYk{gD*$xm8mZgBva}XAs8VHH7xAHm z+$-9&!b7yv*lO`1SO*^cNpysMlhOQDaQtymq_+{6eBQFK5P#`^FQS!?vNSM1vM<2# z5}sL%K0^{=*417yNqh3UO2<^ii%1lsmUO`M-rwubp$hN1ie(A)`glCQP(R1&N+Q$P=87FuU3w-T zLyBQZ8V!EHD_J#(&WK_hQpr}R8m4JARQ{yWuS3S2C0J%Pu*IsK;@^o1wiSkt;9#S{>PCSX}S6z7pL>g`X4nstvx=a zWM1v-sfsl1wvhF0H%|r0=&O3&+S$`qQ7pylQ+8$cT&|whk^k%tpREMgmh`{9@lON& z|E?qdLw_CrX(dms{SRBP%QO6O?zIkFzHtTL)AV|4ezEn_X#daBxOY2C;{`K7%;W$1 zrTyPO*jwv=R`OKwfA23Zz5wetOJjrUqh&&p^K;VT0bxNtrr127@vq2BQXB)Q`WltW ze};^Lg52DRZ0~_&cr^91xj4>gQHSGbvlPPB$!^TjSTGt6WK=ePEkNqOkGgyPSWjd6 z&v!%bmMzs~%Ktn4eVhL~*je*`D|xEuzi$B#oc-qtd z<;VXxJh1b>?e6ccBGv6L|LD5><)7x<{Tij3T>Tmqo)+w*h2gh& zbNxTpw{PCQeE0gS#jPQE5#M?K|9o};8QnZt!g&)vr*GA; zkCBms_I0pZ~8vVf{qhGyBlT6F;rJ*Ot?li|)%<}ftmP`FS ze@L>BjSP-wud-yqY!w&>cZG+7vbEO93No+ZUp9%*3?Fn;9i`3a=3_s@VOJIuBgyb# zUuzbtrtL7MN$N;S_7{}J5jC3_JJ7Nbnc*1c`DK>eK|{uiruGh=Z|U(r z`UgAq{r_%%XPy6hCC~H3|FEUT&Y}T18jzb!o!qpr?B1-h?0$cFaeMOa=BH9RJ~&*O z5Z-1)SLRCklG1SF{V#RX?KOaN_y1wZ{&%puj{mTdr%M0#ik>|hK zSxe9WIk%3|0m;uUEs*>;M-OC`YoZCVs2u}tCz~^rQfA~>F4v;udjbOzd8NMm}9UM ztW>q^fvUySF+GdkWv`*$WzVg5DR=Vr?Ejs%be7{#(PG$Jk z*#Gf$Rt?AQz#6;8qcVRn|1R`6xCk_s>lo}}PT#Ry2PjQKkeGVB*P+?eJh9&v$@E-n<2yUfoXYne!vUu2y6dcu%R<`dp3@4Tu^ z-?mO!&+Cp;UsP3awC`G?N0Iv_^(`|&kjf*QPDN&RfdDl1 zl#slX^Q1MQwHsJ-@*>2*IZgB4j9u?Bgyp?X-eqg`XA*~6%>1qDm8TpsZ@}q89{qY3 z4cHo7eP=+W35l<88j--yjhfnftvbJ+n)n~xmDGE!(k`!ri;M*NNDnPMPcPrSD@a8C zz;v)TNfJ-wzq0#xjP}Cpw%sc-FrTFiI{yP89YMxf-zaI(TyElGX zedg11jKqr_`d09uC7j+8;g)B(>A(2olf3K>`4yb!=Gc@^b@TgTXM58qPF7x5QcCN?)t808@Z8Ay&zrYxCXT_0#D57kNe(bN`!j{tpIw2YuWB zZ+{*CX*Eyl^Z%UZihY*TU#1jY(%H}9wLJOtbhuAG_wC%eU%{!bk4pK>*S|J6@ihcD z(~L~~?D3kX_&qvCBkcxUWd3y?(&Vl?El8xY)iF@kh5M#IEt1zHzJJCh_<7A+s9QSr zgjn4#O^o@yW`Z0jl;_D&s6h+%A}h5fk|fh%wc$Yu!G?ni*#_kh^N<%azGp1J+uIAQ z^DX!4)IW&Tf~;K7_9}8OqWK%iIZwt0swoZw&Bxh7h!1qr-6yGCeqH!?Q5B`suc~G0 za8ZYAO9iM&7(QgQ2YKqVZRT<8J!FPMF{s=rrQ#<0Zi713?!L&!&bM?mQ~}v8ak27H zARhq!KmosT_=bdGgdhBjk#En98Vj@X%B~=YtY!ag0fw#50hQV`C^~JCnR{!m9f%$q zcYiMsZ0G+AJGxZX9=j5D-u?6rXE82t9%P}Xl!o^GdP8(1Do<@#$w;QWWKH9wY6k6T znK)-;(sD8;&E{cJHwBX?jDB_dl>^_Rx$>A>1l2M9KrJW63rVr&jhB1HmSM@UptDl9 ziE0|mU5#y*`fKYR+!n-6La3^7Qpl7RoZYQZS?HvG^$Lsf1+hy_QBodwMdsrnxtCp6 z>#9qVUY1M?NXJ}ck7+{UBKHghwECc@1Af4FU_d1-ahf)x%{XsHUjrqJq1EVH7E-W? zdn4VJN}kB|=cN7C81L$%)u62Ubw$LtRS}g!c1wy{MEQFu`IM_7)IsAU*F$h?KxE}E zlu?_QR{Qh`hOP_arOls%RO$3u!GxQ)Q!El`BUH+CW|2<)f0hK}6|j}qVc?OE0nQ4~ z-PmUL3WM=k_X^Jlr36ljPKKzf(5XZbhCnMP2g6OY9WyF_WYb8Qh42}eIfkFjm};H= za!taxC{i`8sb7qZ5bB!26MWNW4+#%{DSo+_;7++l%Ebx?6U-8km+P>BW(}ENEi8`J zO{jP!<&e0HkB*U66@DA?ivuTP<+3qPh20a3IYgCrE_{8hOS)ivr?qe32JzD;MO!a3 zJR~1I2AqC&fh}Q%(48OL<2XDrUd~5?r79*IP&}R7;fz&R zY4S_`Ft{cQql@|N=W1ciZOR_9sx9~j)^#`1|8ko|W-HxZ3p`K%d$42Y{~H`0tmFT# z9LfS0D{H5O<~ZLd*xIXd4m zNJU@1sOGmkPG!AfxlHqWUnVmdi^q`1IBXJ+y7%9M7%&@Dh*o7ZzE%P2_jL~}#FR7% zuW^KfBFT=*B82wU>SSdJRt6FXFkC9J=$L8&UVGvf!T5Dk!@X|K8-MMv<2$HQI2k>p z3rlfRpJX^kM+r|}OhH-oB|k!c^SF+{`-i3MsDOoQK%EIl%|LOqI&~lgb}x{E?wpGf z&5;s6yTO8z>~FU)qL-t)r<5+LNRUB|av;P*Ut0xCk)7U^J}8-hq(4MSa9{bM8;~$F zzXHT#NQ|L`C0<;yst*1QTx~wQ5{};Y!_HMI5GJb zYNY>7XThSjzkg~F|7CD!`Tq+@mt#yFaE^Kno3e0KO%#}T^6INfj@<*U;lH&+-tRNV5%;<@u3YUIe^Ri2>F_JaWD z`I{sZahN*HP(%)<{H~iVU12}`B_joX8wc2fpp4qZy%CcGL9!#PnZ)Epl0onPjCD2jY{v|GE=aX>MF|z;R=g)I(c{8DMK<&QoM&6eV|lMAyu= z)1Zh&d{LW7{Wkip6>|kPMj{f@I_<;P^EBfBvOE7N4B$NeZ-3AB|EB-0`M*^>t@uB> z4xS~{3kCdj#CoBav@{@qQCW)JfP|z((=Tc+AP1w&AIeXQIfVm7@uvku6atn-GYH`B z;?XoOaCVhMxPq~hI9P1SB8SQG1Xc5;tjHMdt92QWXSUkp3c`EWm}2#img{vSvj zl6dshtb$6jkgsm;n_-$I5#}L|{FLzUrj=8)A;KN$8?llwi3!cR{Zu>@XD^S)@#&1ne@pUlr$$q~N- zj!qkrGEb*_t2`~#PhConP1|{<@>E=#bT(9h6&Z;~FV_Kn)=%rF;rY*;qMj%IPk*PJ z|9^jPt^Zlc)B5}uF*BZt0RZ5&w|=@y;8Sk=Y}dk8w|yI*GzY{lc;#oH;5yN@;4oE? z>`Tmi7JzlR7HFZMzqMNpZGw0t7b9$pv{YYKxES^aJ2PvT4uDn3b*Q0OJ=@VXwxGop ze3H%yTgHfY(<~{HAc@S$*+$+^H#e8p(igwp6<D!yo*}j{}@Z9O$$}(Oq{M6WR*y7Q>z&Mae^lh5zr6v`vP|FUPVy>6(&{-&T^b zdwMa19@nOvUwYeUi=}E8A4S6~wy-Q%zNZVsCstnmG;ZmvLZ3eA*-&+V6N%c{#{y@u zA2DT%h6?N}UJ71gt)v+=Li>Q4wRV2#%_-?vW)*l@;}mHX#WQ<9ozp{30-vXvan$@ST{0WI3+4OIttr%C)6+z_8DrO`U<5Ptx z#1K`tQ85V|E)o4wzwMRKWCr99X(Recxf{^)>xC8#!{C&RNu;lM>@p6o!y+rlpaxw% zvH`m=HKQJM)k{5FfS#+%XiYK`=0~uIri9ll1T2OJ7SRwbaQ&S z;j)NUB~<4f$lB3VoDhsQR0YlRxI8{=RU3!TMG``g33^;Jt2=gP19CC{xUF~w@k;B0 zc%>SvSV^vp#w^=w*7|nUXL_)1bLv;=0G!u*|K<+Y-x}RgNptR0p9d%A-ii z_kC5iZYQ~;9j$eaU+`(8|MS_UYHKy%ocq7Q!H%u}+Zn9wzgF|K(*Kz^_s?PpW-hg_ z!zL_moBqo*LRi*aVhQHga;I386D)s9N-$fkC(K1E&fz5`|8lZAdixFi16pc_zTCN2 zPyZuw$G-J$wQjaO0OryEoxKwM-&y;At>%FQ`=^Xb>r0#IWRV|aiI(i4F7danHnlHa zI1OWd2IVbeu&Z|dWl3jZL4+;WdA3pM7rN^hPahhfT1Ps?Gw)fxX z-PxcU#H1UY1%WBP9d&2D!9%%lIi zyN5RY-|esCKd$6q8##)S2lVsw4s-Sk6$!e-C}G@Mh~sYEMs~(izgN)o^FXK!x~F<2 zt?8~nK@ckqkacZs)1xa~Ofw#iGEK82%?Ooe6jupCjGe%!ZO8OL@v2`;Nb+0(4n5OF zH^-A1&Q6m_3PJtYc zl}4mvUlT7BfPcGwC^?gzOq-nb0g!?MKoy2+J$1cYoyK`T9H?IC^O#j(9KS%!W{r=9bZU1|? zzt;b(235IWl7@z9qhuNWO6+n4#`L4 zb;^1Tprae7aASgeiNSChMUUv$sUMLcp%gVuVNSXmzhDL($``Z^IzKtO!+}4|G0Kw( z1{sbKJ~op>f}=2p%bAEwNP$Bt+7)AxqpiC~nB|uj*R(8&N1(~t?rxk9QO1ZQ0}>>0 z;gdM$3j*Ge0zHr@qEg~Cr+DVb2jn@nb61VJYtdFtJnx3aaXZ5%;uXJ`S<;Ftfh(`N zQW0zAi4M+Reayy2RJZF@w$~{!0xFx$g21FrM#r=ZkSl<-W1gXQU`&RIyG*G8vy#g9 z28kg}7@KhkQcYMrxf5BnX8RHG{irQ;N*Fm)NEbOQcD{31Dd1%0Q%TP4S{ehbuNvv$ ze=Dvt!)fFP7;QY?GoUo1c?7j)@vI}Bk4(EG(Yqzr7 zRe)pjPPVj$rG2{0V%iW;rRGFaHlT19~o+NROE8xP{Yup-aUibwbP9p&9 zf_%*jxM1tWhdznWme^1iNr8Mc^CJ=>yUnd{^KGvRBNv6PJhJK3dTd$#C-S=RUm0S+ zL&IOgxWOU#YZ$8?t0+R3QiP^Eq8!QKX$0d-v!v^1g--+dPi~UlE$0L1erX{H&hh^o z^h@!-b`ID2ztuc+;ZlY#?Hv2ACy9pRen1gb3h`6`WQ3-J<|}hb z7F=W^!Yn%Kz(=J?GAmt9qe$~4kQd>0eVm3@I0p{Sw`ZK zr<8L>7SsxpbW|Dbu|+V>PkPky_tG#p^G~u74_D6L`s@X>S;|JzGr{OF6f$}LC-t$Z zE!4a&8c3@CeTA4-qg@F1q=Ne})w(fC{mymE$$a%KCbHH8};p|H2LkD(1?Vi5k+6Bn%O`I z$1@R^mQldVcjqrT9RL;lQJEZA6WOIz_^27_Wd+E0*JoF^%ZIvrh;L4=e{KmA>dXat zdwq7ZY`~X4HXQ&+R$%O}?l6aVYIX2`yn6fYvhlPn*v7MfcO5g?p@?c0mj|8slw_N_JF-oV=^xtn~_ zqNA&313$t)UcM_gaq<5A<@w3&`}6DbA6}o`zC3$>etLFowKGddsG2g;cNkD!UY)-` zyShC+xjgyd{Pp?Gc?psqMGl-LoSXk`Hgz}uTb`ow*%{B4Yje3dGrwr(Fo_G#bON&V zeHs3BN-`WG563f-CGmuw1T#M){#_(|5F(NnC>f%OpXQUwcA;aKw{2(+md?Dbc8oH+@P;3owb-f6p%_k1%WDhm(E=#8HmP3Ui{TG7kYH#A2KF}%=Sws=Zhhoa0WrpU;o#y7@k)TaQk zL;!D+X{^KJ`&<7g{p(djRns{K^(?u=Zro*T*4}p;2))7C2CxXGsY;^Z1#pPsxv zLn9pH%r9_=C`&-%VZypfOUg*!A|C{VkJ&&>m(MAX`gnBAvn{}tD`a0N@f>C(8a?lV z2Iv^EST@?LGAdBf$W$SxY11mjrLZQk4Au(ae~+h~{x?m+1x$eE=zse=CHtSje*bW- z|6Rqy^uHT7V~o-yWa?Z}kR-0r|8_T;DuB}@taJvG`dJn%7D$x+PQ_oT(;StfZ$wSMQ1J>0sw^S17M*&vwurmh%SZx{BR|iD(PHUkTP;@}jBz-Pa3&+Q>o3|u8z*^j z!R+;E3GHWdbtSDNcw6yz13Wa|GK_Pjsgpkp#lKO+eIAfA%W7XWjnuVn z)S;~Q;t2iiAJ5UIJ|GB*Ur%UF`;)~;;pQ{1Nz8pMmAGMlZlG-*WqyD!aYlf`Byk9p zv=Tp-3RG+_O2g&FTT|{o!>ONPuPU*Dj5);AeZuPCJU@@~!jB?DrB~p*=o0xs|HR)a z^ms5L&i$4@A00ClP+4t7k^J}qZQkQYT59VaKjt;<{D!76`4#EsES+u!)K@ZL9|JZ<9}puXU)H}KH6youlf`&|bxZ!&|H$BJbGQgOJLMhIaD zB8VSVED~pd>ZQU1pc!-AUH&B2-agb}uIAGDx&4f~z_gG&8fo`z#U6jFF8ftejoJT` zi1<9ZsP=P-vQ(Ue_*x5HsQ+GKGrks$R{Xt0@I{g)Q8IeGPBZL>r%9X_nNMOSLRWrV zDgqJCQ~($4=c0|Q)s0{1X{-OsiuO)`^ZdUL_e=3V27|T#-%1|17P*8_piu{#G%rs0 znatj?+MTx7!^~F%f26g08ID7o!Pp9$1_oS?t_Z=JOZ6)6Ec9YihHSM5$TX}4g&Dsy zw8b+$CiGUxU{Zb5E~HHFinr5@IX>kmOn_<1rzs2$Z879M8YY<*lDdnwWC`?b{zChN zm_r70D|0rFl>sj2Wn>s-cYtdxF18paGg$N|Gp==2NbAaI))j%Q?GV%E4XqKv8fHjB zsZwpaDr=yPlhZmwtNt$S|CaQh>4=sZ|7oz_-|3g)KOO9@>HjL8+W4=OQkfB8>6=M1 zjf+d1O$ekz$k9KOI~D_$<>^t^6E;UKuUmEGKz^;{cm3cwoE(#U=gaKXYu1OPz!67JKs>Dw1oU zzLZ6t*e-~rGtBA|gUWHQc3#tt2R^ihQ-$d9WEvHO3M=Q}9+BZR$w`r9RE{~SE?4+6 znTF#I42(J7(WJV%9!r>7_aH_Oks4#WVE*~QKI>B-Ic+lvMu&tM= zrdEP`>SnJTZTg{x6dG=T9pv@yNZiZE0#C0Kh(CYhkfFq#pO4XB|N7^%x3B)p-{WAM zAn#;aBom(wU=%%~AjvWu6qFxG6(`Z{c0E&B&2HK>g*h!XOJi;~`iewqOF<$S@O;pm z@wF=4$Dia-+(X;i9j?)P!AuJYj(WUa~6M*b8 zX@dFi{m$3Rl~@6^Z%ktO{27)47x}FYQsGNO?X(mT> z-_Z?dW!W%eBzX#u<}x&m3lhm$O-HvR&#)gpqRu;A{?m|9e`;qj>Won@!_Wb_Q?#-J_h_-@R=Q{l=JF)ad|jo1b*P`7`Qt zKq;dbF{w^W@$A2sXXkPfmG+)wKI7LN-{`NQ2iIKNyif$hI$3JK%n8ut5 zSEsMffjd1e6&Bd=(y!0opB)eVD98V$4>$5Q=@(DoE<2XtJWb*pA8&4HY#>4fnc!qv zpiYi<(T+C0tP&LlgNRt~5#1jGN00={1ya@Hw^xn=QW9a$w)~q6(ch4_DG>J1@iFo) z-(LLap?^>!RQ~w-?a9mYiyzSyMHi7A63>dfOrc-+^k5?~n&3&2J$mRL)_83<@VWsM9Gjg7f16>U8pygg8Uq z<|j+;{p|ghzHC`XPiaFx(T1pel*q-bb#;gKGKoWzYpEpF4!C|0;1p&lNaC3Ca!H(f z4Tr)dFw3P}Eqt=|`-t=MqGSUYOtT1eI&d-7>CjV|j+sN&{Olc>A2cE-J}`oK^!;DH z-|bO^d*TDg)}Or|(9#|qPh%3qa9t-+hU!tb^T~*TL7%g? zuQn>Y0Bx0gy~NR}NHmF%t})c-{h`+6!1CrKf4Eq<@|5EYx|#-Jk0(Frj@6ICP|E+ z8JYOmqeynZEvju}AD5MBMDDuNf<&TFmxGd-ZglvU-15gW@~7FY>&8f0J#OV~7UniY z%`gK~IEmjD^Z3^CLAwKZ*7lIa`^Y^TukCH8QO72XJS4QH!vMA@JWi=RN}Faq4%4(&n;Ps z+V(Kk5o^!6G1Iz{myHsfsb&FL1k%>4Qr^kCo3~!6u-*%piDRR6W#r>(#fpSo2eB4g zg9mrBU0TOfK7ZLnDP6z$g?@0O>5Ypb{Sg;Oo@>(V(n58W0#5=tVp-4V3s>2#*}MDX^z(97=RHQ?|`%N+}^Z@p3aBsT1o;c zxQ6@DOC0%+(g9JMM!Ji;jzXw@SOs`0*-SHhGtO{6PNJ|3+b+=%FjwbPqHKO|2sAbQ zFm0H|XE(%#Hl*%9mvsKO1f z4=>zd$tv09fa5MwwbY?sRDsp zJN?EE;2QSgY{c}KX;u#m1&FR5vEu4hXazM$A|fO!Ab#nd>`kDs?qo^okA&&ThERE^ zw~a8YBE0sY|7m^-1|y|`2Hx5Lv%oMlW!vU7^2y{z&|cR((t5Tk%b3M2WlqW`bldJX z~+xW%x51At;Q_4;PG#pcw^h)u%tOy5>6JA zTGhNg%)=yO8pb-D=GJgAtSV@zs9d~PtO?WU1@uoNMwo1M({f!CN;GS$ArDW|;_)TP z%O|!#Bf)vBr03wT>s!dlzwm1^A-3PAvk_U?)eig=WnIyg zC7fzU7Cxd$R^CHwRAtCmZ@a1pGl}-Ljd5q$dL^ZkF}dZk)(U{XCuY82I?)D+j;?*N zsEx)IfXbG6YD6udHwJs=S>pI zdfF?OXwnEQ9cy_D4nK~x#aZhZbx_T}*KSxPG(!dPleL=)$w5VPm*O#BFV=x8KiBqC zlmgW*FG4?T ze>18u4(vL`K~2yNS0Hd_{=5=0EPI8?Yam)YDQw77jOFz%K z83AvD1;L7vq`mjebLS2YVq7 zB#ATv`zu&wx#|jH2jRNa|1N_aH{! zY`wOw<_61f{AYL6+_*GIwF-Di%Y-RDlHv*D+N=Y~E)v%$taiNhnrmgvR=7d~BT zl&OK#)S7vv%N_-ac&=;!ig(s_)923{0=i=c2}JZQ;aMxCbl8e?@K`| z(3Tor0Jkj{Sq-=@Mc#v9^h`9j#JDd6jMnv*1&mIn0Zg0Sg#l_9J`EsHAbafiI%*3n zNG5573xoJ>@defv7F}ay#Q4fnz+6l?JyYBAf84XFIrG;*|G&SpZ}ES7JBMri|4JT5 z{GTt&{R!8(GV9ma2ai|`Zv$G<8jO1mJ#>{Gu86g0mo>sA+QpT z?K$`I&^QY@dt1+ARd-Ca=BjBZ(SQ+xv5;1mzeYM!&09Iz-R&O$w`%V({%=E0+Nvda zXfgjTPAyLIyd9SRU!F&kB*e$uk!IysTfD4+I*>EKw3?>X!mWbY9vtIo4M^}R|25)@ zQV?3oYhXE}MBD0sC$kF)_F)AGaNsT!_@`$?g6X>7rv9%}T)_--NOC?kF#%a}0;=ID zZ7^4yNJvl`)o2RL5IMHmEyxAhV0`}bx5I>#QacSc?ShR}bZqGjDw$;K>md2<&}U-M z)(Xg#hF6tP^`)8m7Ef#Wk45WPs{FS%u=W3YyMz6;{I`nd>y!U@IGCr%e+-0M{wqhD zS-JeDM`L`F{HFo>Qt}@|VM+2I2R2v!vl^WzvN>=x;Ixwes&ITh`OnqcIr3j+$DSnr zaj*tMz+XXNC6go20*Z@%~2SRL{FM)9pXuobj_arqm1&=znLVU0nMpcWO@EHFeE*K6M-Sy2!M0szk|Wyo-P0F@2&6uR`Psx z@}Cxj^a&!M6$aIo0^Q+OS1kxGLk4Un{-vYm5dPFC&XxZ-0!^XuKkL9c8lNM&RiImf zW;fmftPAgj1w%Pz&LUO)pJRPBub-mT1;j%ITjxKtxBGj$I|c_*A8@#y4{_FQBz<+_ zq;#z$Kz!YpyRJK%j(YXQ=NIV9Tp_HMpf5*KYyz=L^0fxty;PPrU=4&z1x)YRf+D61 zSgM1PM4|<#mNKS2J&U!}RMK2dYgO_lT@%mPWR=kQJk7c#&##X7FWfIU9^9S#y>_ia z(0*1bwwAen7f)OHAIi77{hc5Gb+BW{f89MiT>F2mygSk>h(QqJm9~&$I^0?17^xZhX8LDm?LDDp)Dd-JDRK$ zm*>d408M8J*o%YR!@n5ZfHur?cmO$Ji(g(r*2#)3u^hRn7FYvG1?qD!3(6;KMBB*| z8rrSlHhuLt{sHUGDY z=d0uYAZL(+{cFbj(b`Vl&rU_OYSvGsn`Q9{k|^7YwA984i@_y$599*q^p0TvPV zCVml&&pxIZX4#-sUil8o9{=eR>fU25moa^klrmIFc7)FL{FQqsN~q4K@daN*A<^mPg!Dx2195eX(t+PQ=x1%l2n)$G!cQy7|6G zRxI>JJMZcH&avwj+;fe0oYiD`x3%1BO?Fz%-dg6iS{Wn48e0w@q8*S+Wka+bK937o zT>fh+|C5P7T158$Qv?0~!M^SP-#;G5sG?V}J9bb$wN;4_|Ay^cM6A0I8=Boz& z@z54a>)^r9t0XBji#fj-cZ;N3j4>;Xyit_g`4OCo_1oHPL>_P%PLrGzN%knh0C#1> zUG-5_DEyICioW?xWtR~pRl1KOI2f#!08p)*K!;F`9h&A8I(?b*BeH%tMJbQvOPfD5 zs)Fn+e0fP&9x^RGGoKypb^+?*P*2wbMZ|HARAlC{pZ|;>B`8(5+^X4VsiY?HIwn%V zshLQv&~wfs-wH32;2vk_9A@-`kOB_l}xd6YQlgV`| zzPiB7>j$ee$V(qGouO|uOb(Qmcf!{{P0xSMhd;;p-{0S}_5c0D!*%}ul{_uZ|DUC3 zfbznRLn>3VWl^`p`N9!3v`GGSx9Cn%!DXf*0qU8=D8y-$JhFVt;*8TpMKD*$XMtIw z0k(#?ITv9G`E?ckUwW3SpQihtXA$p^c$DG19U+*r{|AFZoB!Wg-~X-Xf&H(Y!N8Cv zLw+8^oFhKxh^4`*O9dT~yDnWXU9n6!2wl|P!AG{C*wriDGFR$H8hmK8lQgxjijVq&b` zafFU}UmEvBWZLHS^?C~CJ$}p`UHAy8FdPd^>3A^ma(gzUlkjQC?c z3)26SAV{Wh(d-zQNB?)q@&5(~YyHnko;mcN&+`JufX`RR{L_G!Y91 zh(+7-q>%VM?}4Fps|tYz$A^I8I7Lp(8TsOeiR{+;O!;z8Q~J->&~2JzMcZq@dGvpG z@6hJ|_tyD8R`XQRe>%@-m}JODBQnD=x;6xYZaawp7ER4ba7hcyrT>5vrTQ}wg(@o( zMJUyn#IuH56Lx0S*GF3sj!jtGx_#f!ClT5bW+oR2Vi@}wMgl=P#DeqxyZ3GWcklmr zNDQ2nQ(UC^ZgaSZF*7?{caT60{rG?Z{o;oPLwtQyEct0n|BEE^NA2`J;+aSP_e%MH z2ZMvP{%0jmd;3q_RO_0p3UnIzd6n6fSUCYLqin5s=m;DK*lh-?70`@9(L9qXtGSLI z3qk`a$^qu4A@~;l6?q-6y7;z1uVkt`t;7YyeE7TfcY`tui*O*fw2|x6lh;n+PArfxOJXstJftTPwDShY1=NMVcS=dSMde-8)jm{)EuM>2aEjv%EJ>9y&$Rn*!x7{5b6JRywqm zj#g54yZO>YY5lD1nNR=OLE5_w{M5fA(E>4`=FtD$y+b?x_s)KQ?fq&hPcCmS&TejhIKOy#dwq8G{`~Z8p5Zs=xb$^m=z53bBMwjf^dtmlLh!Lt zUxR60B$LX|0KD>R_(+LgQ2AXn{W43^y0$C6i^eNHtJd8G^e~h-m}aDS6mqGtsr)dk z=<)Fa0Az@OHYkL&0~H-_h=d8E3JW>pRoyq%!*Sz!E!wmCYA%A>7M)#`X}dBqyX0E; zp>M>s(11yxX)WUX>*6@43u8O) z$A)(6Bp_B1B~BDPo2q(lsJ-t{kWB63XlpB#oNi15e|LXx&Ht_B0ZMZcMacuolLlbZi{Aq< zFW;YfPC_7~3#GH5Onoci{d748+&IaLOTQRzFEA*S-mYs$uw98Gf^HYE5q&!rl&Vz5;)X&PoFSwhs&uxrl#fuWPc1!RFv zo7z4-IWGl>vpn!4I0;LzzE)bc${lAKb?f*2T%Ugv1EzdNMxs>s}9ikC?-EhyB;Cadxxc42({TZ%k zG>!ZKkCQ0G8JhVSp?r#|>jI?|uOKw<`v>3KO6-wYLetXW*^gDxo)cyeE5mXwW}wsR(v& z7?(OYpQdUV8_Hb%+E_{2Kx>%RFvaBshdkGo*YH@I=YK6v^YedU^UwMApSw2yKiFN{ zf3D^M0`mrEBMf%^Q4;tO%h)I*tHvQq;|Pm`f8(q|Ee9|Yq1s4MA?9kZ_WUv%N*}T zpn8do(b9I6jr?j!VvGGB6bs1ye`=!tE9L*+>G#+EKP!1^<^T6dG@ann$S0ExIh2F>6rOoX=E@Dhvfe-`X|&en%#F8{x8 z`+w}O{XbUpIQPGrT6^pBxazHUJp@Xx+wTl;%dH+MJnMJ42EE+|kNmsZ{mn3_XsUWw zBTt07ckbfIziYLLpYXKZ|2zbB^TWT1|5wTXfB$f29sg@3kGB8aQ_Cno`CCI8AVQW` z9Q&HtGl@g|@der>1)jJ%(_O&4R)fC^Lp!2y$24D`uSccYwTQul=q~&$hF*F!SgT&V} zjGVkX*hK}{RwcJlPc6Fto9%q|%-#RHw*BYs{$PFovy#WL|LvXMcF)^F9*IZwJF}h+ z06xYoOU%z74M0LhR-bjG zf>=<5N&=-AXbGrJa^!_=TCkwN*mnPG{uqsAz;$aDUmyB40Ks6^(B`8{LJ%y)OKfj;n z3G~0Q3^-r^XVd@vb^MPNJ#PAM%Yda%3sC)qWWguU`z6VQZir8p3pKb7+0fl;EBVlD zU`@~0kL!5~{coxRm`DH1@&EUB57zg;D|ssDzoh(^^d+Oe3y^$U6_Da=Ayt5l+SjcP z5WTEZ2Q=%q<}5L%%dF&A-f6W8$~qAJq?f?z^dLq6ar4|;)#dpg;Au_&ld#p@|DT%J z|CI0l`+NO0{a?kS)Bn=ca^~N7-}D$r!g^Cb6KWH~9|wL;hP@293Adgmq1&3z>b?tp zEtxWko0N(*`9-PK0{g$!-S3|o#s9GP|L)=bTK-?jWA6Ww+%I0W*!2~reiGDjZTw8I z4L5pIt3DHWLnB?6C=N}2m0ZdH&)&N?$895vqxoB(0>5!i#Y$-?KIW;~-MWhGIJ(Di zbS>GryQ!@RLt4-hP3RH?9u$O8;d}r8;^dWyV3ppXRO=p z?*aEe_4Dt0PxAkZ{7UCvEv-KLS$lq8>D*_m^IcB)LFavrJwC#I+tF9!_`I0{R?t-+ z$uAFexJBt7U|sq9%qzc(eU(puVPW|P`5r6fVpv)@_#%7T(>Lb$?;M zSQFnqB)9Zyn%&p6RJ|tc{5rQjRr3zs@@!6 z&-ov@K{fuz4W>`=-(Tb>&i^$ENfPlRZZH9Uy7a5xavxOrg4i{O9AtSWN=I2fCMlqy z4-91qj4u<0vLy`5XSnf6;Sk2isrTdO4txX&SMw4E-16a8RgOavp&{3cIPZ$0AxXH} zm!aRbI1}~WnrjuoC?W}UcyHOcN&RfVRrE8uDc(>he8VOr-(S5s1UWw45vBrU5{WuuBl5YeHBL>~z;o*y&Dtu={R{V_ilo zS>n|Oru%n!3Lg@bIe8C0hIMxrBTy7(h#d@GHa`${A>H@MLk(V((kaAjJ0`+dfni9t zNef1$3Szm_zG>BD?VoyESq&&cX-sw-#K$VxdJQ<5ZEJYRetAXm)-fU4kc6T`hAf(X z%7~OfhL+n{0NOifsdekHB}hxo5T0w3`wc&TTpz;`sN(bdzv%J6hV60HrY>bH4-eTy z*#d^Pt<%KiBu3^1r^wuT^ocmhSx2Qlae{L#bYCrU~v<09_27^INW2a-ip zS}iE5spE|*mvrr5al@=(IXL+T3K_}T2N#U()5jHH4jgg=GYq4}rw^(C9Xc#YR^(BJ zm4FT$HjHt2wHMBdWsgV7!YR1(C(LbKW+`%44nK9s||*Mp4PoeeF~iieKg9NT>O zu(b@Cg9o;xQ}*fq2?UgH`VXJAB1Y`sp~^)?4jrng{7~1vw)y!(-0B?uYv=zdiRkIC zxg)Bl1lVi;)!u(|r~cFZ?-%)r`=6UNrnzfZg#B=1jtX0D5pR+3>*cpUFT{4ZMl8P@ zWoyU)%n%4O1R08s9xz+uq~Q*^_1?Ga8yyaZM=-_jInN@=8Gva@Pw%~>JDfyk1rkRa z#9#y&JUap)fg5yYIph2rb(Y&W=Kodl*NbSU=Q7adxji2IWBx)GmygHbc@rm5(cfQ# zk6@XR&0parK2~l``Rz;$$*eU~uhr6;KGTUDL7yEpg0Um{&zz0+5u0Y%;geAwbyjx1i)~>^SIQfL{p(Nx zYs9qWd$$Cv-;~X&I91VqZInvrj(H7ty_Z_BHg-`;qJ|YVK>klN>_`3`B>(ffuYL-^ z9{C?krq%Z!Jui5A|K*GP`pEx$J3P7qP`;4eqXFcNpHzS+6=07FkfAijA*A-6^1B&+ z%`(W)Y9}8Qlk+%ui{uV(yur?Um_a7u#mEF1@CqQuwJ#)&ak6@sM)I?98*aa0&%2BJ zb$&{X6DqIU^C6BKww3-Sg(L?eX6frPISsPfoIexsN|1q?1N2)PrO!zQ9J&>u?%M?3 zLmb0JTm%G^1~_ZbAB;}L_#61)UGaCh_${hJ8KT6-gmumTasZTujDTXcpOn!jW%T!> zj2@!@88Jb<6u^D)zhkd@|L+A){{JuY>!JT$tL^X^JV2%BGu7(r`}}22oz|qkWGF_E zqBkn%%XusR?YvRhS?vm>LC2E@`J_R9DGjou_)`^K#$yt;jTMq zlZUB>`_xS*g&D)*-O)B>F>hsE!FHfuSc_AaY;U?Vqjvr8U>&VNQG8O{K0$2*pecOp zEZ;EchTs-?J zb5K6R`~RNrSL1)Yk^hwc_eFj}|Ch;l)W}cz5vI9rpXX04cCv*?18!C0>zPZ2Xbb5p|@LZzL^)~DZ!0t9#^KYNg#5zYHoqA8#Sr_7*6`f{2j>u*D3sL`5&G)s=oi_ z`u@}V?_cEiS^2-nse4?`zfPga^VcN9|0D^6@fC^Aw~UAcxvVMy`1ZB%{&flsuFt{u z;rF~>8>i1lIhe;6czq`BE*7U4=3tI4`#tgU|BT;({9i}KevbGLKbX|?|EKtmFZ2@} z&gB1>>Mg=n?%$RXP)l!a69B3aI+*|KrxI=N#TGnYZ&?f9SDy{uui-TDeVLwrkFJ*bWgGENsAC!l# z_`FzbtVeY|S>2zfXCKJC_zRRVa15S2BIMZJ6&j9Z|-9AaR7U zfiX_wwAqRra1eQMlCOKmTRiC`t-k~1zbYGXCCWy0)dKd}e}Pwx|MUa@N&bJ4U(Nn2 zt@I<7fci8DB#!D1WFZ2j%^2Q4vaw3`L;~xsSP6rnJp)Y{21Q6S4{a z&ty!Nh8i>ueXzDr*)dP1=I8t!$p6#(@bmfqe82Ah8$HE;eUV>{|6l3rPX^wLJ7*v+ zogYCGh)QtH{6D=9_wsvfBwW3}Xni5JWE$|+IeUMOegn_*D`SC<_%17ti9Z}GQ%-dI zfGNYtO3+{BUgq&HGR?6;QZp>6}?{UQ;Ry! zzZtArbnm0Qi;fnZy>JE=qxJIy3Q7)j0~(}#CIw$Er7_UK!a((W(&B%YzXSQd^uv9g z`XAodt@?l5>FDYH|BL);{Qp|4^dm5T?YbS7GY^V~Z20Gw$$i<4`*r^Jf>lcn6hS5` z^mb-lxevJl`d|)LaYFyA_KJ61uIU=w2Z}b?y!`Z$_)A5+sbgpnaPq4m;uMfRLQZXi zHrJFn+`-073CGVQt11irX{-GoF0l^g|FY!Q=eYm({M!4Up7#|0`(=I&{9isW_80;{ zl}2wf092z6oKm9K@Q!GWSIRAGWtQS|iCY%$k#=R5y6;}Ipfqeh%Rm!$sBuuH^t16? zwbesm3}-ikiY73 zfHcs9casUaS6wvdFU=A{eYFY-SeFqR;3tR*4Pw80M;(``9~1+2l@tYp zCxP(^zb5|gtWmtdtAu3eQO4NA|J`x*{SR;KkDuzlev#iZa0MAdSwcB~l8X)=)+hms zEsi6ctUwCGJGesBIeG>}r4YJJayJa;j^}uz!C(G#3jcES?AbH$OXDlS&3bXZg!G-lH z%eF}EDN%DLB%2gw=+x{PIF3_-bPS&RuI~@sVCYYdkN8*|JAPu1zE#ylKt#ejlmYn= zNDLB^3^(u}BvZ}5#~*lOmhCt@TjCF35aCGpE0;Kl0Q!)kkf8_+h68|;2#1i73_Snk zneR`>2hoBl-6DF*+aDhv*(NNoO<2%-!u-mF1?Gf}x=)w|bKi!!-y3tUg1O&_xmvsP zDAF(KTyEe>=*_A&{|;_qwN{5AQ>>NWvR0mrVy`#FZiQm6jbgS-3BXDIeo%%|qR2c9 zgMv)2g-q8*rrVdyd4)>%lXj#ec|7k%@_2rH+<&*vEpu`h5)D%_D^JPXoDsLO?mt5; ztE%AyGfBNa=|;Uju`l?{Lffn_ZId!>vqswbF>Dw`V4KB47bIH-ev7&BPss)Wn5G~i zhzcei<2wZOWCa~hN6>OQCYH%MY&{w#Yh0eJi7{E;v^H5wl7*Fb^D?B$+u2YaTTnhs zj5VMtYCLLE8e{2tl0FM-s(+7yD^m;Z`^M#JL)H1 zn|@+bPkL!53{f@=oS@45f=3|Q?YMzlzJcUGFGxr=Z}|>q(RVOIoU1_jCNW-Yx$4LH z?_#?Wqq(!gM4=wdow>&qo}Qr%xkuoZWVh0cCfcZl*=j3GGIP2n9XIc!W%JrJw*CrR zc^yr4&F#ks+)+1r-BAm@R(-86y;W_^q&K%jzDJOW?G(r40c=Qyz}36U7pLzoUx+e? z!hu3}Nhlo}ulToDmoFswK{u_&4d!<8ZF*c!HO{Rrx7$koV!KI&cRGbET&q-?Uv^usGRff-o8Bl@5?u@ zfOM9CANi>l`U*5GlY6dfk$aLb+g$ZxmZGOunX7_b`a^%#hh2K}Zi0xnZ=tz~U&;@?X?80# zdnV1}%KivRmZ6aGO(EF>SQE;stV7T}IZWZo>7I;Q=x*W=@U^A2%8&NV z-vG?7NQG-h5*u_}{J_5W6WiiXdN2Oiw2vetlUT2&Cqxl|TSj7>+;OT&%DF!yy5@L5b$EVaWJHua}F*o6S2hbl$#&W{dC}_ZEKRitrm7!p|Ri zogE#L=4mJWm$z@B*&@Woy@lAg!q~xWc@~CFa%7 z&hciGP8u$6f2hO5n~gi3n{nH@vGB)nZ~izkU0xEBIiH)YVjCu>6 zQAO~K48h|K1Ftj9>H~u-DR^go$AjuyOi_ufjsCtuXjBnGBSQ$8^y@t?{l~X&-e11B zJpc9m<@M!vuV4Q9;^q6xisYU$w)Podq_SGI)n5 zx4m&f8H{6LaBS061|uY|n{q>gTIsQfh*5755mZFP$Pf`FdJN93k>&(wVrYs&yu_iP z9!d=8o$#P<2SIe^Xkot zP~*T7Dc?IqjNxQuM2Ig*rvD1IDR_7N9f*)fF0xLZg<}W3Id)Lt*g=V7_q#>)rhcbO zFy6jp!&ta_(3`9KwL@ZZb+3`Dzj}8m)~j4fO%U77HO|`$3krP@jBBhl2@A$w|PR0lXP?Q*AsAk^WyT2n1aiz@8JgXjZxYM9nX|& zzfNerf0Q43lI@z2MG{h#>_$}F#;6_np*JdJ4b?RQcf7vNzsand<7P6mJ8oQ?GVAtM zX5ET1>z0(+zBEs#-DsXpTWGc@vuV(2Sao}gRktEm-I7>!`#B9JqmDF> z+Gw^&RkycPbt^)|ElJg$?!rm8_#NK9g=UKc=^eWFEW+g$m_!#>0Cc&u%Bv%pO z3CK`F?)f|j=nOAnbONvlK-Vu(%9-#xGB)4J*f`paGr>Rfo{5qy<&eyo=x2aTyp96Q zvkEYdppE99LVND`;|k3aljfeM-0ir|?)2cBoN>n+(6RjnloM~8&z=gw-0?@1`5c?` z*-s%DcT|GLb|r`-XrsBOLNIsyphEM=pt+~lV?61$hsKjOUeT-o@DIId_A4|8Ce5=3 z2TcAP_(Im4<;+v05Gs1RU8;;H)=L$RoQ>X|+Q8iLy$Zd4Bfb4n7`T2Ury{qz#vQ|V z#`f?Xj=XI?dTI)D$9F69;hFQ%Pg59o%gW>WD_96!?d}G<)+3&8DW{_4C}1y>1%e z*t2Sc96<}s2j0&$(L5{D?9Cf#RvTF>Mj{|H!b=gR$-qCNMF_T8{0$YSUMH*JD(%tX4wvG zMVuW36s5AfO0M0mGO|s@0!AoBNraMc2UrGiVkO9?uX(-oHLs$td6Pzh?2E@&Z8Yn4 z=ti@)LuXT>4%B>`h^#14o~cCH!;30JPP@6SM^mfYdfuGHEkAtHQLJvyQ7=NfsfQz5 zc9X!sRFz79HxR2QB#F>;7{|rkxEZ9*2)Mbpcq_5(=mHpxWL_Ie=r%*m@L`5PxhBT_ z(YGLs5lptJtht26!IedX!fl4x4y4>bgyUuMx%Kfux@(gXcV*n>uA7_{AnAoj+pr+%+y+y__x@F5lX2jOv1O_Y8}cv zwS+u4);(`i5Bp`Y=ZCvuB6y~X*l>m(ac4cstk@LDeo627tW*pM&r~9Xi>(H%KM3sT3Zv1R=`UP*?pX ziJlZW72PhKNA?_#x#cEo-uEJG?o`}fBXcUMriBcdR@#I%0ArloA*=akb6WNHS(Wh( zOnj{#i}KzKX59kqf|)hYZf?1=n)ki3npZ`O-$#|vBTEwFWCd`NSKHPXb2bW^7jM>g@hYjlv-0BA699AU!!2cGQ`{rQaDieW zCUp68M=f7R#x%7uCR^5T@1);K&hNB+`E)3{*tTXodhxu}8YWS!7F3B8F$W#9#sYiR zm@NaicLMOF933>ZY=E3Snf7@70=gW#rrzo>pEK08m*uo{JlXa@i-|>_n)KDDCS`qU zQr4%cTLULbYf3Y+;5J`sQA|?Ha}qZ}M{gvaHK} z_>E#Y9rN)6dp^D`9lv)r{T$`W zZb+jSUSF_H!3Bq!*S++Dj;3TFOi9~5?`Wb2(nQZOWi=7kJeSS)N8`RRy5q7C9y=3r zE*oQ{<+c2Ino7DmrUC@^RDiKXl#cs~(n^tuaY>Zg!%`~?>vr5FZp$w5yOr7F?W?|9 z85tq&9>gOCK(>|Hs4AxqCo9_&H%s~6MJ*~dEyg7&Z``KlT0A9!eX86T3W`tJh3Q3X-sz9bUrER)JoMBmuD9wVd#Sl)$wQDn1VlRVG7MczjvvMN~MZ% zN$59BhRBqQBFr#JU<_c4A*D#lec?jLiw>EYoPue4Iy- zUVi0v;B?B0n6C+pzJoDLLX?4XJ}-*=ZYrQ}_ml>DYzoZ4CU58-=r8mq z-5jF+#Oe?YY~fBp&u}Nvb6O#CW)gYeg_GYgG}E_-W(Kwxr=WL?Q&5R<3d|TMlSmz+ zR+uv&i3k%{k)Al+T-k^cN>b?}HBvzRNjJ5~pI8moz!nu1^p1)ODp65^85QNWyoj)n z{@>F=B{>s?BU~Ng7U315jL*3OspH(Bz?)s}&)p%F~hrPzD)V zZsV9DW?hYDg+J)|Oo-^|RaV0{SEG6teL>P4z#oKzL@Dx4?H-g75Uz0?$&&gOKXPD; zoeFx!PKln?gXc99qjWPa(8Nj%|Mva0K2%b^)rjKSs$4Zy&WWwXH3|hQe2)@&mE?82 zM)B;|D1j}CD(D$S#e2>x)8m@cGp(%k|GlLQq#3!#5dse|6UR#sAFekf0!xVHbsF3< zlA>&bDHYOR%*42xMdOXF7ENFY;0pQ%a0O09ft{PvQ1@4J%kCa#oTsR5AuSq~A-IWg zfK2MCM`L0|qgiov`zo%L`d4nDxVEFwtWNeWe&tpd zWpWrA&3aJp+Dw(wOm3kEaWrh!gsnbO&+#z*?Ikun_ zDwT!YLejLOVPj>Vl7i(`cZs_nmnlcNX}8J`eXyBUf01Vq$+)mcFi zqawLe=4g|LM5JySvHSCRC;MzZx0q*Bo7kQ97Q54m*qv6zuKlr)l8H9&cKNLJV3H6f(uH1Q%H$3g=_m4^@)&b&lx8GE zl&U(~>Y=vC%t4rUdyRZT`E&Ywi#DFOYeh-{%_F|%4EB5 z)z!8tj~T-qm;Q`sfteQ@lE;j4#em`ng`5bv9-YEN=C+5drWPA#+SkUJmTjDA#m1>m zrl>g11u55rpa`qHf^41FX_4}EiDM)Joe_*gvUo0?#bk8j1mmEwHb%Bh&gmPHyd^}e zMZtrr;jT<4R*J~w%EELrFl-NDO)Xa6w6E1SsXT@=typ|TwPJIdzD1N}+mOkk7hrdEXEV+0`wP9+d4F*IKhv(Z~>GMd%Wi5x?_p zl}F~b!XpYnE7koMd|oBmvf$+k0ozn%lEYZI7fSJ5>X{T#0|tg{3*&glH;H^1Y~C&5 zZ!YrvzIyuoA$}q?>QpVG+*YS=U!K4C@ujng9%&5Mb=}EmB>vxZ-Rl2)U0B>EsRh9AJOBQ_xLa0eI@#wy58_Sig2aGh1wAt#!G9yp-EVd& z=k9v;_>90I3f3qS`G4HlyXB@w~|Eac^hqp{{jr-3Ku`U}M6|3|?@wLeNMnkv&k0p*(s z#=QTKB-G(e#Y2ArzI3H*GZcYs5}{0PAc0UZs1uS%^6RWRzUeM4VWCxz91kc27=VBS z8!BiLDdAEHLqsW9;u!Ir%nm^Cdy+{vCQg>*Bp163{K9u zhJsg@*!NIjK2#HS`piK1xOr9_@pRxv5MwGf&@Y4G5N_Fea56|pf(C!rJJOg)KAJcq zI6(krD{(xj!#6F(5h~u|91gb>Wy1(EIE-*6CaXxdWgsT9o|!y~5`1ZrH6ZDAq!tpS z^DzP+!GaLJn72z9Q^YZUsr-`LB&jc9v9)oco)(O(L)>%Zu%BJ2nZV5fsnp~6ir4A@Z^UfN_fwx3fcibuTcUP zgsqK*gYwnd6EV-3LWmiEe!x^57j^5a7M}m5Is-S_ zQUd5hDz5pku&@?L9>j#@JPUza9Q~S6c-z8U9h|H(MCk!%5hg%2Hhkq(zG@prrLQ*( z!xedRl)O}6_dy;=c88PI3!IfF`E+0kR}NFP1cJGV_y~0-Ns1B_sZ1r4p)sLZT`oaF zn9SOey8@=E?5s5$b)Gk5o3IqF^(hsGlfemObi$9kl}Sy47+n)mJCr?yUJj~|cq}7Z zzOluh)kD5{X&21a;`m;X=s;=MfOjXJo@2O=p&QWqvGaVSDla!7KN2U;$Lh$(^L__% z@iZeF266ldTO|i&Y?WL;ipff<)^v@Lkgl}Pa9!$@Xl0d$8O zL?Q?E?(J(1=(T83biGfLgSULeFv&Ok`>Qv(Ecsn2{(0cx@IFnBD`Yzo!S8X5$~$tP zPQc)dOVg8qzSJI^4NmXV;JUAP0Si)owl1TSw@?#E0?D#8Xb3;`e7ylE< z_!T{Ea%YK~bE%PN6P|B@_g8NmJ2_5%4PO@ACFD60Kd*7P7Mo1(E#6a`xC zOAl_ih&07DSmmKu?a1h`!^Qcyi{?Q51}3E_4wZ1~V7Bll z(JY*YemEV^f_7}g=p3Ua9rLGqlx19u3FD2o&~~Oa;EGcrfNU9|A&ey@`NIB5Z{fdi zRu@G8f*(kR|H=Et+=K$>s-uEan5nIs#B>AMH%bLqzs+Krx6M1II!uRMV*o#3;HJUq zduZhNj;puO%twASbA2?PFZ{`TJaXrgu|J2 zSr@xP=QXYj?$9p3zE{HN8wuhYg_BdpRjE%-5u4t0eQ|Dl<@RG_csKPM0*zoJ$Y2A! zqL*kO0(TQuxwlXutdRxdy|y6*Mesa51X=YIL>=AN^1~j=Sw`X*WqYQQi)mmsQQB@% zB=uC+e4>b*Mi6aCLJ?~jrBO>0W~@a#zS`e9y&Toz8IC@v$=-*| z!>5gtArW)ViQqcPM{w)$G2U!NA!4!w5u%t|nJI~Az4JY$m?S@7$~o<8yb&&X1t<`% zaS8ugBnZjYU@e=2ShlagBqBcLod~9MQkXF;Wr@LG6CCS_Fo*TT;GeoI>c_6MuGPK&+;Fh;8*ruxtMhN8Hz9$)Yk&jJJ zxbBT3ZH#cu_pN?_?75N-$HKK%!cux0uGJ!3qeehKB`;8n7^-(KKs(@t*rFT+z^g>q zs%uPZXRbl5$#h_~wYMj7YggpjPXtHk)ii*Nx`xWF-H7*!7a07lW^?3cfv45Eyr z{J#VnxF~L^MN|XduVtgf2~C(}%eYagEyh>xF8Q%8M?r9OWJGP5IsEeXk~}sF4vTh8 zLiwG-OD!`@Ot!)YN9uVftjjKnr@6^C5jQ~ZuD{D;dky(6?)dGZU4Awsx>*`o5SLI% zMrDe*-70k+DyLelY-|Q`b_%!xgE^b zNdNg*(b(jU`Vr!!8E*&N)YP+Uk=mwt#Tht11~-2@1MhAwz<0;s>iqip=ND(-n}7Wa zIB(U{10o*t-~avwToet&4<+~CXJn)P1%Tt|wGe-=iFf_+CXE~D&|gKskm}#u<^w}n z0^`esp==35RJSkRQKTZGu*yk>jET@3als%WDdf4w8i=E#IQiLrfEhXiA{1(|OJ%Y1 zyBWccsm%_ux>%GA#dkidcBcTT(Ct8`Vx3o z)fnw{Cln3)dJ{GfC*No|j)|(nKkc!8^Q)$2%k)890&(SG!Pig3{zpxNY#HGKxoPX4 zZyAaCH)CQXch>PI;%P0Cu@e~;Bz*JYA%DJ0<%`19?A?HXlzrdh4=DN(M^TJ8cc%@e zajq5+t*65z=g(ln`>L+ZLv-?QJUCg@)O{9aSDM}&44$%j=Nn_;1B!sbGB%H}=;Zk*hsZ%P{g{Fg$4<~Nt^?x)4NnMF+%SQoU zzh1o(B3ZIUvCAW_SSN%5E(~?n&0qcuJjWXi-9rY_ab-4%qcsP)^Yzgdt@A<;iW_1o z@0B}@DpGR~9#ynHcvSU|qKJ5lvSqfF@oYMPJ|84!QYu%9nue7~lA70Xu=?T}7_@48 zC~w|0vl*?#YN&r;CQ~DMpC((nPmsFMcFA?vJu6xpNG5;m8syB6T(c9srHU-uX@MXw zp>ZPLd8H@(X!8F_*a4S9na&VLW+S~xFae$haAIhV0%wxMyW+Fx1+zO8amlF$ zZ$O{L^(|2-GB>ZUbM+;kg73J5meI3s^jrT@H|M-d70S`Mc$%-3hHiEIm~Hl{P8~fp zWnqlj!TBMT#(NS&O0De~AvbGOg&@>B72(QIw!w+qpd^b>wm*kNJr>wXmP!vPn&|M5 zY@3{jrxj!sh`hy#NIy+hTw}s~xtShEY&kh{jF%|fh1FQ8f8W;h;-aNqT)q!0_jdX* zQj4aoKN}CL)bDLoBWIg6xgo-`XH%Rdm`FQ8`euZV$PcArv+v%%zUEE06d3`VoPZbK zIp&D1ch31UtM&_L6HLF`W<5x=xmJST;hI_X+cR2ig!j-(3i`TU^)sGo(seA z#9z#olK?KFAX-9yH1X%Na59J;I`_T?!7vaZj0`~Y{fhFc}>xVkiD*d5kJcicB%eURGn2;Rc<>WtlS6pR8FMbprW zM!^zA-Yi-~o;RH?rV|t{Cd)9GPCPGIgd;BsMiKM_HypV>9L>h#eFz!L^FXq@d@A=? z*yZL;Vxk7rLE3sROFOQ%kW81bQjNr#V5L}8z;rhPE5y}67LJ8aLrw0ax-BrM1JfR+ zU5coq?i1))p@{YMa$eJUu2NV zi~vU(B+_6Y>Vyi@OlmS45~1AsQBnMIx^`rnpcV4`Zahyr;D z&>ca@d!7{5sk&OpzjN|Rt|CM1H6XMkS%_+$4JjDJHyu|e3IGe}V%VR#agfNoHem_r zo1RSD%a#GH-VDA}aUQ(2f0e{-eJxu-P2^We7$hvb|w@YqpG+ zCQ-G#4!~gy3nQ;#6pH^@*;4cQ{1wjAilAH=vdsC1CMH9_Z4qTTMU5QGHmdpXW|ON< zjU^kDi%sURFPGxBjc3EbdN@;8b}q8<&@vB#wj`CEjyC#C4qyfexg9NlUO zO-Ph%kbIvI#S}?kBH^|CxTx84n}{o36oKc)(8uCPN}$O$j!!^B>Te@*l}E65#7=-H z-J?TA8Yr+&|8`+JknfaJD4AmkZvN7Z?v+N23+JD4`FzNY%E8$209I7=@ zN^UQ?8t>J3yuFy%J_@telIx1Gh(K9jYl7VmgfhWYWpxCC6Qj0q9s|koJ>^iABo1C-y7d1G){ufl%!iDsBiksqC9*DX z(j$MhafIgMG7zyy#yGWOqomp1LnHPjjJM((-)eepn-Pl8{XyIypB9PF<1CyFBikZG z=>9Pl!5qQj*!rKzA8y3dvR%IPE@|S5`c|^S6a@;MSYkd1MeNFWpUD#UBW{C*W@ zB;(-1HF-$nt1{xD>c*j@=5_GqzZT8E;29|J%QvdR;jVfLJiI%Dh14q>6})h?HNZp?~O~be+}-?Zg4ixRUif@gH%>t z+3bd*ZvW|KH_X5O`|lOSTn#JXw%dFaRQ?0ZrV2%NBU(0WHK5f*9%MaN#{J9&8(qUp z`1G6akn%(^?ZDB4Faku^yi9uOp(^@G{7sA%;jFGeNNk-Aitx7ao6;+pHN4DZFgX)MYAl%9#S5E)} ziYhgub^I9G*i-y_uesn>Xp<6I$xY2$)7VWbs2A#Yw2T7P-|Zsa!%S5=`$L>vh3@bF z@M=VV&kLVzt=j7EaNVumrzASxTPCETW`{0iS?=Gn0EhwX z_2IQSYQ4Ib-7r90+e@6?{%f$LuehQ;I2%u9C;DF(qV%{7k{X;1eiF~@{fOxXvT!{( z8Hm^S%zokz?vU>jm0sSmjZ687AUnx8*rq$lEL37KC{aMUgej zxJ(vR2vo&U6|Skm_hm|pZCf004aOk76Vh3pd=c`Q3wGo0F}_C$qIAeDLM;AE6c68~ zLy3dFHxvJGbaNYKul0A)zG<(P;W+wszrmCh>;+2`UwRd>iuuBHEmRk^Vmtk$tcH3e z25%Z}Z$WpNU{NBX2~IU3ad0}2dH@7J+}vELo;u=4m$(sofPX*b|8t#JNjNq#>vW%{ zQEBDkwEDh@_`bwQzR%9rnid|fdg;K@bU8YrPKGt22;9oGITOW0Zq{4gD^Q#0s0Nn|ZZ59){LwtLL`m;P`>EC)Pp|qt~6)r(e`8+XafYnAg z{x!|BG(s1>Q+3=oV11Cf#_2nwq9U+2^^iM@!YJ~hN$AcO%jJAD4})olM$6H3JXy>U za=pM`&Z6095_t33WC@|~2jhtk8&W$e2x)aQTR`i+)m|N->f5{}vCJek{{0W;LIhy!pE##>z_0xrlsQdeq`X2&oL^V?7H?q`cChH1N5F8Y5#i#$V= zY_qUd)=^X_rGvA74Z?IgI2(*y*WC6gsE22_MYPUo+Hx+FLXuWV%E&vKMGp{eEuaaxioEL{<1f(S0#**Kt_IVKs zB_xFmlp{LeJ5?J_`dFFBm^aFSa>;~}Fx#anK}t#16B(BwZYxFU1`$|uk11B=hG4Q= zkZ30d*Q;n;>#K(YmN-^2R2SQ;E2{`K6V)QZ*RfQIvtp7vMSX za12m#KfH$-(A9O~U1^YJf1ij7xytZ8j?oIeq#=yOHdns1lYvKMmJs%R?)27=q6q)s8zTIO@^4*yfejS}bX}N(YIo)J|Ms|?^LC$Bxl32LF%kW| zmAguV?9+_vj6a{uDkz+O4>vf*4RvO?qKZ?n)ZfL?Dz5frdP|;%e0g<0I^q92u@16p zQq-WiI8RHo3Pr#MPIeD>#vHF85-;@8Pj?3c~?J0qNBq)aZ*K@T7G`sy?rgdigRsTDzy>C zV75YR-_9*+E*kAC&K2qCFR^+t0n3bRr2bsgG!|ck8{xJ9cq@_&^)pn;iD2$8&7M?% zTp_Cs&qC$;`!*GT#UhB}NlL%sQxqwNqqValeLd%Y!i8bm73KTVW(H_*@;!X8K1RnA zLrV`;^{5fH=hSHU2Ob=1FZPiOq1?HYx2-~{=VU4~?eeM=F=28^Q&4Zx7(M6Ab)lH+ z@kxo-o`4+QNx^dsG|shs*XogIFb2#0d%w$)pL#oJRmk2N8p#!>hc)7BZWd2f01ItO zTeb~DSYA)NsYQ5}VN2`N(U0;{5epIN%KNHD`w4&&2&S58p-4ILm{}M)uXbr5*zpXu z>gWP2i$n-~Z7N^r(rU$A8bL$yRc#W1Y@5iEqY6^#=^F__EVHx9V2G|zhDGQENh0$t z68AR0@oW?HdA76haR^g<%7uMQU^L7v{L_>~!+Y=aSzbx)`0q8GHi%NVLbizI&y3K} zYeC6cT>6V4MPemR8(ziL`W=)>5k<>SEnXxbiWlt)sOol_k(9(_wYyHaQGAgXOsb=& zU*og&=<_6>o;xvRa^5ufAr_dQ;0^(nd{Ah*?5McNidx+Cd=7!I$6%paej`~G6)j;F|-dkg3; zMrgd8`1AREFJ|%<$=tdcSn=ySKi2<1cB@N?&vGm8wbAo6>uMA^gX{V zWib27{p7K##Qi~j!{P8~jU#k+1i%n55+3ot96c+1&)fpK$LQhc=uhH_gLQ_Me;#PT zTktf8WUJF(xd6c7Da-Kv&Iu_U2s7u;1BO1ZQ}OQ%#eW`9wu=#6Bg6*a^e;z8&z_0e zzeB+;_&=XLdj_sUm~fu5jTt>UIy(9Y-VpF3rX^<2Wyv;)^xHk0U!D#3{XU8j3mL3O oRV|GBY1z5wn805!Ak{{R30 literal 0 HcmV?d00001 diff --git a/stable/authelia/11.0.19/icon.png b/stable/authelia/11.0.19/icon.png new file mode 100644 index 0000000000000000000000000000000000000000..ef2d3b9f3265def8c4b0f8a17a275c348e306ccb GIT binary patch literal 18745 zcmbUI1yo$mvIhze?m+_t0t^IqC%6Zf;BLdN^pL_0k z_kHU=S>LSLv#q-7SJK^kx@w0jD@tLY5}^VB01O#v36;0~@IM?d0K;bO(}$hfCBD(Zwzd~&c;A@ zTN^tkK6gQifAQseJO1Y~3kC3BB+k}?6r%qK1ZpWL1H~bZU?2}OD-(#7l@-Xt%gn~X z#RK96GXmLJ+1XfFd05yunOIr*IC%NExPkxvP`rtAG&SQ>k@)g&VQ*)G6c*0T_IxZX zZfrceaGs0srA> zYyxp{7NmHC`d>QO+W&{GozuVV^ky*@cVl}NHfGj;bov*eDd<0R_AZV#{}OHrVgcKL zZNYZVPH(hq|Dmk9}U0~#?D|tihsPu#K!*iRb%7eW98)IWMyLI=3{03FH!}Fsim36|4Pcm$M%0E zeTx}WV`t<4S7K8TpBco_*7!|fOIu@eFpIsNIR)@PX5 zCp;4{=VxAab`BDV*KCSlpHPJdZe+<|K$1) zD$_TPCY)?0W*|0GCNp+3Vk;Er$>GbAf zkAHV0Rj|Xqk8CV~{|X*HW6(dHLXZOVPc(o{DgJ%g@_(_%|0l`+ZtrFReq;Lo5GDU5 z-3emm>}Ko;7Bzpf-T!M8vi#qHcQSVUe}?}5&6WR!>3@a(Kcn{lAL#!!3&_IQ&K&$U z#IjKQqYTSGW6^&(h2{U(U;n!IKgO;9CVv|Y|2h26F#LA%pMe}~_r}`sZJ1_yxIqU1 z#7<=-MAh80PP5(I^#0~JYS(+NZ#+)khE~`tZ=^FNMEgz!M(^-DO|E-wcDb2NW{J}l6B-9$ zBZi_k!407o7qcdoQ=qE6`=tl?0=Qg%g~?+B7$|?H6D6Zv>0D5#GWPTHKFA{dBOQet zgdN>BNvZLDh)#WXC?M~PEvcrYzathNAnweI;`}ia79jZB9FP|dq%!RoYQI=Mn}Br3 zbu|!@Ykz@HfN$F^O_fegL38nN5iZCB!JKscp+iLdCIftILgCG1v04AS_4t859J`ee zdl-1&NJF^Wp1@m@Yn3iW!`lc;{K3@g414p+m zBzYgoQjeWz4B)=8J;ox2z`?kAO({RJ_KU=L1cZS-^UI7DKKe{oS{JE2QvrSwn)NS5 z^Y2(1^35qmvBrUPfF8-_(G6-jSBx;(y!OeeFQO|_x3X`yOyqoG0jT9Zvaxb#(+N#3 z{PZ!SPy>kY-aLi_KlhS2eBAzp73+)jw>YMa4UC)VFpzrh@&+wVm@A*>qDSaT9k$B$ zcib=`h?VG{?{Z{`qZo_m6P0+UVesn}foCZ$Fm7X)(!&jdvpvQV$V0SJ$s+Vec0!wR z!ly2%^kemh$i;WHe*5NrhpYGZ<&3MO#>l+%@FwHgc6DmG&uMz<_FMpCjVKk)j)#7< z=V}DBPS?JK+Sg2FjguJGNhwh zWbOMfi4vNU0^Mrb@8vI_{N<;Vx%eM>1h$W~uVOkNKIYUI(e}=4HV7&lH~W4`6=-L0 z6Bg3O9h>^EB10)Ho2d7mQqYiCd#oRdz>rQla3S^Py>k*ZJ3ciI3Sa6{N6PaL^VQ3` zsdeu9KuC}{dnJ4U_X56}LOaMIX=V#O-6FEXZKKg;;2Vp-?FV+Y{<@#F*wUvvtNYeY zrCqSf;)v~TkJ%Gb&Wk;dQn_BGG;q(c_EGGN@G86)F}h7{s<{#mrS|%hIUAcdoPxLV z!e0ECVKQ5i44pNVF_Zrr5Nciub->+ia7M^!q;_D;m1NR-o2a&42o z1nSW|dhk6KC)u4YUtF-*>dOg-hh%;FTK}o&XB@Ib2|dLS$!n+|8p6(sv*H%@R(NU) z%i~QIx!=_A_#Cn&`7vy~73#4;OGw zi;k$22Tise1;+E+WF-S_Ss#=3a(&ts1TH+W=3ua3!!aD(R?#MO4ZS!Hjs=g99v`;0 zSvZrj?#|*JQO;l7IyRf19j%|g)zqKv+kaw!Ez59T#3*?>oPq;dVhzW{RMi+Ru0nS& z)t+(2oN+*Xl~))D1eR-048vM{olx;)Qb-KBow;`FYe5d|{B9vTI#&v>65xgYwf zrC_!GoN8ZvciL~sH5=JA7XN}!z!t+Dn|^=H1aQ=19tOhZ8$3b{=W3pQY?nPGY4ZBj z7jIQA0@TRbllpvLP9IyEGJD#c9Lu2%(Gp;wBre1?Kn0_hCQk5GjCSKp=k-vju+P(+ z+nekiGW&cTx!;$Uv=2S^_#%oC`jRAq6?W3$rfati10p84i|y}Kv9S{OZkhf5Fl zH5FLY$}{dWGF&dcx+aSe*TAw1GKn!+qeE>P?YR+DvX3!b@t&2i|$gU zuoqjrNQuTsxLDS$p540oD-HwGAo?;P`%LqzSg|mb+x2)y3LLFMer8&i`Mk>w1L>nV z#bmdSc**FZrc%eby1w1IIFOPFZr115%SH&MU1Z4mp>OHb=Wq)kDTYqZ*NiXOFyG{D zq;Zi4B4kF_rU~GdK0=+FOnV38;+kos=kFT)0_T3h#QHo&D;($eW|!I;4}1U@D!H3R zO4zm1z9)MZT;cYk&{t{ot8UK^NCo6z<8t!?et4;X3}&=Za<-dWL*GTe#KttUQ9$&I z!o#w5Mi!f&bg^(QXrHXP%6*4L!1kssu^eqk?-7Aq`W2W#K?uEhX$KuMC{b_yAy+HgL^IwbQcbO0MUp?vy z2~#snWmr#TS8&b?q2;k-^c5mChlj3_@GLj`+?gOMk#840!SmX!h%2EET&iiLohn%8 z3M^XJoSWNzpUM=da-3O@L>4thg(Cepb!vX`-ETK%zPN^bHv4h#+#He(qx(bHf?|Po zekT($c(I5UzvkPQ=ewVBt;CDPfnReX zuA>#gwTuN6$|o_AY;L5$0W)~;>_qB`%ziSI8gqZ4M#lyhM%(SeJtHfMxjbOco1Kns z7^AHwA7Ien;ti*ttN2)n-z)dd@w?KB%|aBV^Fj4#|7Z2^@?KgjnZZ(Pdy0he{fHez z$gk-qpN#f#qBYnL{8urNNh=9RsAijq&d_CB& z#}!Oeg*95pB7L(tDl3hLtEoz8_dKkp@N@eLW#4lgrzilHBc0N8p85;XwB;qsc& zqF2ayrAg(`JKnG!Uw=NjU!SCr+t->EPASQkcIqHjQNeRrQ@C*o%2!daag+YE@u^)iQ)TT>x_CSeV zat*217U&p84gDZd73gcYcp5#nHule zFUv`@Ife?zgRp^BmM4!+tN}rR(3<1a*Rwg1JpOwGo@m5v8sR6yaCyJo9K&K@Tue?0 zg7B%WL0mw#L!mJ(o5IY_N4In_UA|c5D8zujzjz*nURAJ$1DG93J7GhbM$G11#A;=avSnRV{~!&Y`}A7HjhaRue9-NJb`? zJdfR=8QQq#n9^0;GpJNMk+2^RPGd=^8ptJ(n@GPY~0#Gx_anY8R!djxXw8ALjIL{ySLdXA}y3MGRD^i9-0$=7CQJn&r>b zCgexQt55OrnktNV3^8)WEcwzxUnys~g0lE$Uy75N6MVl#WnOfUS&tXyZrs$;IR&d>qprx0KxUYrBGST$T;ca?65^KJAgiI}`r6{|!<*R719({XF9Amq$w(76xSVr7tcs&?2L#oHk&9 zdyOanQtLunGru9f#nN9$0FmOFIW>8|-{Ng6j{Gx80OMicuMtiJf-*GfEF!d(7Xp-} z*3xiG0i3HFTb=K$8YyqHBueKqvP6PoogM-D3Q_6>G@dSo7OQQ||1!KqNKORR9o?CS zq^_EWE%p3Lh?6G)fr6T|1JX}Hk+tVD+}68`?a=sR>v_f2JQN}#h1y$=Qt zvT_mUf&qC7@fJDc7Lh2{9&;x!CZz`4p0FKc!t1saFI~>dmJ{YpdUNA;1&v2}lj<~5 z<`lgbetYGdlc&`VI^8^r;1J-m9^AZWm9P^?9ok_2Ug0$~WbSO|_o=usy(FPRsXWbo z8Mci6oX>w)_0W1rEDwi4{)!VpbqYaYE>wV|N?`q$J0%XZv4?IpH5El-<|1nYxj3W1 zl6+_~6{k*_h~b?zaC$!(d3U8utgTs*c9Dqod-h|0#+@DMddXe2o3}w5&hx!5NrY91%X8p> zyecM5g=TR%5}6j?&zmQ?UjHcm1*Q=1cx>0`VSXbD5qYG zJsllX(k&^fxV-5K`&aU#EziA93W)>PYb~4ts1LnMOx2q^)+s;lnFQZK+H`v-CE`kz z$PKK;B0oY`0E2_0InDvvgfSvl5u=%#w zvGIA(yPNY+yfEhda*jkUM?ho4MYirIa;X^y5njoLDMT2zcNKXpkMl3hENz-24Akq; z1c{Q|iPaY^3CejrZROiSmY zOun}Dcs{8uU7Va*n7-bnfo*%3Vh3-)eJpWlALWHWYy6&fBsk-)SHtAL3&$_xkQai% zG+EeI+Ly}#ubkgSF30vZ0Xele5gXl;l4uEnde!uCA1+H@qn9V`V7t#2J>7ikGn%sX z66LJS1?~_Lc(WH>kAAV7Dny5wN9hP$|2?x&U9%qj`2AaPG&QuQ_~6_y3sI~@*QX&^7cQ119N zufV%kDdyFMq8_RUdKMBn5yh=K1X<$M=I+ratCF!yt$c1xpKpwdp-BGHOI@wDKjan> zDy!%)+$mtJi`-UM_i4TxIb`U8#B@2IYg80+Vw$ph{8kNl6-FD2InwL*gGj2z%ZdOZ zjAOY@zt7*{OHYS4c<{Mt6Zj50dizfB-Uj|%|2~;BuN3ONKCZoRML+5JF$i5U!Z)?+ zVtec@7r)a_d<;U*fvF#{g$$gUN{&i zZ7253-;;6PXeVP0P4X}0GP8c!;s$6dp;3O#u$#pnPwQWqtlN(Cf*CbfgpEVy;+2X0 z@T0mpJCF15(SeN8Fonmn*W>~au!DE7A7CGp^6O`&fq5a#@{cP=vuwCYEt(dm$4^3< zxL2eh-&P`hW8WT)@h)$=?5ywUKebuv>oed7P#cU$Y)Xmb)1^bZwd{-{9N#TxW){F8 zEvicBa2^SyY(EQTwxaUVF>SLfzwX2E$UB^Z_ph8+HtsfrwPQ4o%iBsc=_KWbQZ#eT zZFyYxSRgb(=rS;h=C|}EQz6M4Rp){tFwNIVmi~a?jM3RM6WjgUCN|+`7!f?&9E!zM z>Sxc7u8ls3y@OVv33vArjGGmaU9W{Ri^It9;~aQ^^_l6v8Z+s#*B+`9DsAy{z?klN zKTP%*!Eq`lY8lRfHEX6akpRd?61kZaS`*ezsBIUy+x}yEqXR8oc_$LyU^#sXcmCu= zZooH>Q&fMIudEm5BcvZO+dh5Gy~%Tl{v?hnDGOT9$%Udyl(0s_<(ZsLE<6j)b{N<# zTQ2&u;Td60o~c9Xn%VG4{di`ytYQ$3Cs|%IG59aSXbyXSIg26B4IbUge_g!@6aI6k z^UP1`WfFWgWD+cNxVYo~bLz&5Vfww|>eZ`P^oOfhb5ds*kH@Am zCH{sqxVaF>5$kUh>9n;QN#n!2UG>-yUO*voymSaGK}O9h?0@oZ0)JpTa{9sM1^>v9 zsce>4f*ynwM#}-k>gw&LUeCQ2DS{Y=;uoiDDV9MPqtgSw*RG~l{=S@RuO=<7U&H(7 zuP`6CGdh;!rkJZLVKYN2<6<_I_ldU0++jCRhCcavE9V16;M96o*#6e=16PXX)^@ zuK%;4T_wG-CGO!$9}QM9@1YkhzN3o2ol%R}7nEWmnA%(sWS9n#@BY=X@FX%d=yJQ% z)r+5{&aL+J+EWq|RYuE_*|pKJs1Iv?j6?{OnhDLO1lD$dumO7}jAG%A)N*XQwT0RH zH>#f&2<8DD2r4>W9$X@6vtBFwnl?tf8)?EIiV6(CU;fN)Q(l9TQ390rZQ{I803cf; zIknh@AR~Nb--guRfcon$RhQo{1IB zr@hAy9b3$PjthV0{bk zwF|(aPaD}lzz7wG7G0gvGf@9!dIzmGmIahfWpa`NKkg^`Hnwe_KF`N{YdPICj z3{a-c3u2*jkrIc@eA#Wc5(MmZ1i^O2Y^cje8sVhp(C7(+!oVx4j#iUBbhtj5^!s{J z{^ThA0+jH$JAanEx+&^;e>|~D2STMp?*{P8#=|&955D1WG zfiqEPXA9YCwoY__J~y+o!86MDN!<@?jol9)BFz`eqPBfACxvE%l?zNVuEXyhUMB2Y zH)o%?RMjLIDVNb>lIg-l5^3USqs`DkW4{p@6tl$)!N6NeJs|lcO!2+eVJv|EqJ!vr^a>~^_niXPfcROL%8xS zT~&dK#s_iI%5YhPc7$xg(VOuARf~s-kDT;^gs%%TnBh;u^Gwq=T6HNkf+sIgx&%C{ z1EJH>Lke{+TP*O?9(;Bs;)4J;Q+N#9|G;_?a z;u23@16?aEj>w9H$&lTxiu&}GZm6y~9D&%&Mz=%pYnt_5SRQxbUc-V|ktR5J+V{|;5tZA?mr21fOWf${gaM6T^m zl~X#qju_($+_>R+lroBaR4h}j$w(wI<;huQ>Qa#>f+}%c z|965NysTkHEZN?qu9(aD8<4D{2%vhoH6KW%QiDjCfB^d!3UT`SE%}2Z-TE*%B!WB^ zlQ?XCVC5SuJxsCMkWFO$z|#KvaU*mfCsbc7RNg{%!t(_pY+U_0!k)LNcKP1xOg+%;u5kw9Z zLB@jxjMEA9Wt3$)g4v8G5Pj9~*3nxdgujK}TlS>pwFDj?Cfd>t|7|BtI!2+u^H<67 zu3JWq0nrc2#Nq_pWwZFC$v);i9$+DdY~K7%|44vJJL2sKBi4F3#Lg5FPd@y0?A>YO zJ$FfxH1olk9^#}9v9?*OK4uP!OFqCm7(YGg>tHDiVCVg$5y_I%eE%4=F@iou1y_?$ zCy4<-1}Wkl`Hy2ytbRJI(dGjr0FgL`bv51IZI3eJAU#%&+ju38)pA10Vqu>7U60v- z#D%eoAZ@WgjrUg=s-FWZvJ^b^C_y-TNw=_KX=b9dy;&E6tM0!NQ;7MApy-e3l@@+u zwe6(vMv)vaA_3ofH|F~duH)*#3{kQszGk>dw)x>IMNow^O$T;*D~0*qp)JL_&L>sm9<*)!V5uSTsz!nx4pd3!Y0 z(a1j_vm$usZ|)_cCDJQ|2(vvQ2LojV!xqY`$2n`bqOwvoPjbVw&S)T#1D-w z04O$+Wlxn{yLf>%zN_q77!U-s&RCgc)b@A{A0>Z869s7E~bf`vIcaR(?p{obAKCa@FcIzOBtViw=dAF<%=;vf#pwKA{|9Qca+bVROdQ57GLF{e$M3E;!G1J5=FvMD}5$8q0O?Y zh&hcW65jg}QhF@^GQDfkx%R{~(%8wfWJ3_4f?tStIxaHcu4*-8!V?)m52oWWFdqu? zgEt9AhM$e`-Vv3+jTad@djKYt`ohkIWE4R*pbu`Vw6qOaRQ0`#bvAl4UgB9@*8Cz{ z=d~*%csVZ$AF7Pcj#r_~cdo%D*+Q@& z8afEV$A{JU_zq6DP!?vtyQom}uk+&zO&ZhS-if_zL@9cBp04U8nRrp#Qpyd_3)$qD zd0~w>>+Mb;p!{Jsato$Q_2F2o46L)@D-_{tLp*BlER#nt@yrm?Mw6Yz;myQJ@+G~v zHTPcOJvb#q+(*^@wG16l?r;E#r8mcv>gPdbO^jMZ)|#0N{Xs~C;b`e*X(#KOP6#Kv zI};f{RtA?lpthvChebWR4AnZnD}RdRkmqV(c=6?iJ$QxAM-c&}ql#TVPJG7-hXkxA z7wa`okOMLStcs!2dWB%K_%3q~DR!yQKKLtakXA|1wdy^pq znfU=UnjA@{#vuo9UD*&`>b6wPr=?dM6k|pR4NXca)pO&9B})`cW>fMcO(80ay7?Hp zNp$*bA_^$TVVQ22^8oTC$bm`qN*5}P4_?Rmy}reZmHIJUy!W1alXw~ZbWl=CDy-ZJ zIuW|(AS_4T%=ZOMP2)WU-QXW+BhARIZm#6Axq(4z17-}iC)alO8647y7}$MZP9oHd zSc+2-w~SYb>+%9EPsJH$Bc0VtyXiCtnb#8SgU()b?Pvojw64h9hAxQb_jC(t>5b zWiwNVYA(P+^%hP=0rCSOGtzUj4fnh$h+=Ju7KAPf#2r7`KAW_?=zwn08Nh>%XCHeg zio+}L<;J@q*4G=vle5hca=^iF6eR`e`tePMuqQlBFki~b&E&zBp!3ZG$H7%YlcwZ% z-*TEOCm9j4m?9f2A(-FN4syG56y%L19%gXKaAeg9s2mO`!M-G_ZB5Vdhm3mjeuXHv zK-h2>2!fOzK1{mBcy7A4e$0Y~I|+HU+m+tD#Gocep5IM^xjTDH5ll&`ez}D+xbm%l zDzu==`bw_H)RJP7jw#U!%{Tt~g8jz;ySO%0hm*fZdFI44V-E6(TtwY1#g_-20+`q% zjF@-ew^Zcj_)PD{6>}`f_nYKJE2mO6aN%u7&#|M{qM<+IzNLzVT$-4viYTLcJYl}M z+1LhY=eo5YDF$C!e^TRKcn?6%lqo=7+x{WDvYYO5C|e#`hHnPMf@e5rlkMf!`|d8K z!S(f6aPJ)qZDR@<+(>G%(<-+whQCiCeqL3Y<8h5PaZ|OIox||r1eL78Pxf`2;%)&3 zDnQYZ3@)Hw&43ZZd)KDIJVQ3s>at12WkbC(V!Bzc`vpnxd{UR@72;-|2hQ+ zKeO3%&959ooSN64CQNnM?eyV+Iv%Tucg>AirmAi^+@Eu(lUhZ%;e^W_7GZ(eq|Myzw zO783DL~hhUeXlC%@-~V@?sq>=R~{I8T#!_C$b3X^OyANhRIy#PHKAqKSrV#le8`W8 zbg~yd{cQGiS9t-Zkj46eN)kAKI>>@|%Jy4*On}z#3v(<}S@X50_>0=!s1}K?!ON%O z;iK|~1xnvF&YKA90d|EIj;;OZ_5;u0ZqCD|d}k~)uhfT(l%CNQMJv*Yo1{V!+NGA~ z8!H15IMCci79R3>1l&685DneC2K zi&uums|zzBT2M*YN@cZIo5fn}Ys5#WNlzfT#*Q@VP|p)VlgD`E@Y$Bp+-k=m%|%$O z<%OdDXK;pcd3Vx~k-)(n$=aF8Ua=}hUZ5SW_y9g?NX`q4E4{rZUi9FP( zdk){pnY@sg(vhg%i)>5N#pmQ$M5*r!_3#0jXyYJDi!B%xHos1t{Vn15(yOIvq!TB|G z*WKmf+N(D{lmHKdt>-ka>lz6IxP1Y*ez=e*XXof*hw+y#uR`hx2yX#6TTGh2g4)hX){e>`!;O+HSh833f6iYdo~w~;qH|fhjsX76CwI9rJ0X$0 z6RxegscRWw!3p%fpOP$hN55T=efuOTK4(a7^@|OqEQefc5WUWwX zwMscF8;h$Y`uxDN;N~j_shO5A>VD&)qil`wn*%7y%yN_&4NvQAjVJf^T`OO7tgD;C zC60IrBSeH@VPM!$f@X-y*xl;YEQLhN$FrH#GnC?JClcvo=KOn+6Ot3$0=F8t*A{zj zvO_Hd`WvIQ3(6F5lLB^XjF{il#<1=3j+0Lox^Tz9RzviCy1XN=Lo{0&X zeh!*#e-YOZ@Av>|9yiLkJhk4t*M%K=VHB;nB&U(r+{#~+D^5N@ zn9IGG&q(-GU>)-Di#z|KP)^uGV)whtta1)yWKGA`w9?lL2~PK69fr{8&$dTCuiB#o z90*PqBRq8<$*x@o_%n&C;r)yW;|En9>zEuszanSk-YUgBSQg3Z<*5B3VKzHTmKH1S-Bdnstx;(y|0}7 z^!c^?tEp2Cw)aoF5=%p>svk>Mu3nTXS#ze&Va1?l69hCAFGaJ2bXUhEs8q5gZ0DpD z*sH|har?Eat+B1<`7Nh@oji1BN`>020p4jUe{nozS7W zQ-B1y>R#;r1{Ohs%SQ+7%P2+E6G6hr!+i0q9w{S;D9+I#C7&mLp&B-al>2&JraMN;*xZUh;A1JV#n>Ha;uLov5UF5|xE_-YQ z`t*ybLaAFi(X-7yedB~b_89WzX{PZNJ(0Wzc(IRadW83mg-yOp7cIQ&H`aABxF{2b zHI`d!AXcEjwsq0vu{E;XacimOAjowlCp;!6_1Cs06&?VsKFBa`$(7Z1by*)~xO3i> zX_at!DXkK`w6}1c+lq(h# z;HBmZ^1pqnc4%fv-)uSUDlLHV8uhxK05P{47}LJes5}+q^@?rA)SQJ6B)q;Pd}mZq zA4ziSi+3Ubz^-SqgtvDjjN)crk9cG$WHRoS=8B7?i6bHBX<9K{`^3D@CC_?VjoF+& zh@(Rjb9CvmtmMY*%^S(~lNI;{b@;WJ=y)1Y>jH)hH{aan_4tKrmE(p{(r=)CNvFoc zXxnskt8Q=U`Lm4#7gLfm*D=?tC3x!_oPQ!ybk|Oo=PdrZ*Rn4qHd$m|6@)`It&w$Y z7@#$nJVQf@!g$H;cPl*uO%PuwRV$-(LsIpidkj? z*nY3)kIg-P0Y3Yhkf60wer-_MyWrxpnN{#gL61L&w~z4m4yOr^w{i&llrIr$b^F8U z;GSJBqLYdq{=H)*J_YRAZ8lPS&Wy-?1K57mB$7C~D=WQ)=+|&I^rdZVvTp``^nt~D z?7$|@0{CGr{P9j%N*u`L(s4TT_#foQ$8Xg+^K#zJgFQpr`7UAy`|WZ)+QBDGsTE)L#kxqB-T&;C&W0y)s^h8acjF zF48$CHy9#GGsh~(;%q+Xbo<3o7szb-jc>xfO&XK5WnIo60R6ZIr}efz&X2dTLO-oq z9FKfvZ%WuUVdK#86MXKl?gPcLJ{d@DD=1XFLfI?G7}LfS8RBUt2rL|jvQcEsVd5~+ z%gr(3$?P}k;1Aq}?k&qydz)(Ji*m zW{Qxpt8uF3w|5NM2I7Qo(m9dg0a)*N4K~{L&fP+v1erAqwc@QKicHGv8r70@nZBk) ziYfyaQgwGsigQ%T3-e@Q!{~sB#cWtaFp>a&hOKj_kf&!sK>J(9RQK0x8}F8sDrGI# zcCgbmm?k%WGWV|%EFR3~t(UBT9^O08pZyzKgBt7 zpTYIN1GbFZFp2?bmuAUxid}9T2QU}qd7d??Xk{n8$ zYUBEpI1GdFb4c4ADo-^D)~;HtF%ib2&dW> z9T127Xn1q>l)~UlCjDnGBG?;<;}JOd8Tw^Is0ekIF}d!6Uw3~-BgHk`9r>*sM&p1f zG0-HOdY&ucd0INj!#q7gsqk_gpTrUXkCS-K^AtOA%JuV;*0eUd8|HqGvN&B-q1at2R)y3Q@h&SyUi=jz>+ z>blURO%{ceLok=B?}EQR2dlJMoY3!meLu*?-KmcYIfQ4?MC0_QF0<;MqGzCaoKR~G z(tQX0TFYTfhyn|1aqq`!X*}w-x~;}c)AlXHZ!_!X&_F+GsT{zEP6bLMzdFeFv7V)- z4Y3j=y*~JZWTljzYnRRW`mzjA|y29Y#GPQBe8`-?g}tDAzWrWCd0H zw5;VraD>=-3@jZ&85pgap zwokXmm|yPSYgNby`cVLaU zP|UW<;p50E5&vQd?7_p!PuuoA4?*xVbv448p~eEeL=|L=+%h87T7%vj7SsoIneWd3 zt6Y8&Q~zuSW!FXco(K6uu4urCC2nz2wd<|z)7pB^pG=A2w!wW%vP+ssdh;Yv%4zvT zE9$JGQ8okgJb~n&4kO4xu+QDqC7F7*Xu>-e+Vt~Sr{C|VP>PRoixP%okq;IZZq9SE z!w^*%;yW@MsVO=3rWng}oNpb)l+*eV!tb84-R$&lANPO%S@mF8+)3!XygHlRSMbF1 zrwoMU{rl7zALr!IyWY%xV5j>Yt)08QD#jNWm}pFdp*GWxT1H`BuVtK3Ir>2mGjHhh z{KEK2AyPyPd$S>?>U@&`jjy#C7g?Tbu>UgAAQmT!yR~NIo;dc7po8euO-Eoyc9r|E z(fov=@?~Oopb2E4bo0%byW3CnHU?8jdLZ>_^d98IFr_adB3Dlt*SA%kfzxZUI$52J zr%Mo8c{(9vxcw56ro0!GGKRM|!l!>o8PL2#iJB#i%!Ph-?CWbP0i65ba;rDpaAW)8 z`Inb>xQut7!$Hm2Gh*@6){!~J3hpZkOv=7Mhlboz17!J8?0 zdzYFuU6vT6L~sOE>C?EB>Cuz5NZF2kb3;-lk63`6@(P@C=urEBB;5@bP+s&?2Qey4 z7+tY!oqTCR+0_kT954YwJ}!)hFkPP<10V|&!UepU+gJ(QqtAcuMDwg4?6p7 zXnX`|JG-lI2;e=rUt$+i#pCO;YG`t1BFY5qC}%1TSF>`_lnQF8 zfZ-4=;G?#&?GMj}t47`ekpdyFAL`H$rSv0Q(lF&}+`Z_YCw|$(akUz$&nG>LU5D8{ zC0kSE&*KuMfZtcnj9fZqS(vaS5Hk30bMbc!S?guN*(lYJFBb016LPQ_VA8)YJOM29if+el>cOZa~KyM&;GFr zV{wUyz&i>Ld*p_9?;_O)%}A{r)UT!7`Kx=^@MM7R!?1-}jJ?FiS zYU-#b)LUQgPzf`*0-_&S!E#-x$Al@j)6Q4as(P^$43*OBioLP*yG1oT|8iF3=%q{` z{{d2-^#~&^TPEY?@x`*D=G1S0P(_bU80UkM{`P^vG*FYk^(_j_11`cPMZNf&S?<*Z z7E+-@=8Q8quFgz`Cnx%^@Ws>bimSZ^0JiO?AET9jX+Rb;yiODh4UUft?oa!O8SXqwV)6H<;H= z-7OTVzAz#JN0DBqtBZVIi-Ihw`iS9c{Ma4z0?$|uL3$*ZP>9#LPLIoD#$7dz2OW6= zF{j5i%d1u;>xMsP=ZtFJqW0@@Qdma=)qHmXx%J3YW%g!Od<9x3s>>fs>8-#BcoMlx zo~Lc@6nM-stk{Qw$+MR3i%ipJv!G{wp|0iiwyjJF z&a@N-P)2_lMy9}+mp`z)|6CO*#5inDtfdzQDq^^@E zWag}ay!=@Lvo-;nh#!hnl~cuk@iDY-9ao0K5yA!lL@o}Hm`7QJ&!zyf@1B(VMIZZL zvLnwT>HY(B{=$MuA=RM~*^)P#}>YiIv`thSx&g z?H~DV^=XfR5y=f2L-{F>Ni>#Q07~|=jl-Safb%)v{3zgZg&HmhZ(6b_-ToelAuA54 z)71#f<)>Ytw@g2m666Tt!p$8`Z@<{JTbL)O8Rpwn!0Nv3b5DGL$ z{MMJfef7_~JHP8=KItUU6iz)}TQvOxfSLvoCwK%xDeO-Bs#%epo03lUmQIFDAV)h= zMV>&W${nN0tvf+18#6<$6;2^Q1>GG6GK2yNfhM+vJe{jz5#MUBb=wNRZF@#vOC;v9 zB18VH`^9p@_1GP$kS2k2yPCefFyv^-=tRxo7!gPsQJcqUWy;+7x#jcbP)cWjpa!6V z3=1R%(DjrgRybO|`zGe=`NCu0k(N;JBcjnDw`ks#5^es|0QAX604F05+GO9paAw5Y z!@jX3jf@B+gXqm;C2&X0%>$M{qOXUqopO2=aCE}0vRD`WHLRJxns{%7EJjakf_`9`?Lv!QW_08 zUh}kkcUQ#QZ_n6?Fp$`UVs1gH`CsEii`+kgoBVMj6!YExwk2d z`UeStY1f-jW}X_L=<@fjpX=>fTb~&NsWBpu5q6=`K%=gnE>-7WpfJ^3NGRQ%QZ_@v z0Fa3JU$kvoa8E4gOrh*|W*HI44;;CsNTIgOyHS~=zY`#3nHpalNG#y^ZU3gXew7tt zDKH|C9~eTZTA(zInkG}{pCr@d&lO74Ct!Exm#jdr$L4hKdAaui@Hn_a6kjlET>%sB-> z<(~Xr1A-OlP(2+6g+>F8hx^)=JpxzjuyKlq5rGV2)OlkHb4pMDi&&<;WEeaRk|7=y z#Xk2nE&r3RXTx_x?Mylt5y&t_TQ#pFui*Ig0Q5(JFaV$}VBc|_z45cfL+wa984<`Z z#b_G$902`L`;i2zyj|;_^7U_hD;9LbhT55QGa`^-h^h4C*r{z3~=X z!>6APwIi8iL?FWuW9gimhT4Zi5es`41+7hgbK5p9j0c<E?;mw_EgPXpE+|MffSe^5`0!5G!b=F>T<84<`ZrF_PH?}(+Ei+25#UV%`G`e@L$HXg7o_gJ?t4SBn^#KYcWe!$Jc zh(LxZ5{21NHubi}068v2fg~uUI|#uFN9&UB6A66j?p!kD*+PyMMg%g9ktlP-+Pq2E z8;WLJN!%Jjd(VPJzd_R@c&p~L?A~AlDvsBwNx_+ z1eKsL0}xSAKR~PiZKssfJKGlzi&Qzs5+s`&W=0s{Xyg9@R_K}s`8;;Q00000NkvXX Hu0mjff?tm{ literal 0 HcmV?d00001 diff --git a/stable/authelia/11.0.19/ix_values.yaml b/stable/authelia/11.0.19/ix_values.yaml new file mode 100644 index 00000000000..20e8306d3aa --- /dev/null +++ b/stable/authelia/11.0.19/ix_values.yaml @@ -0,0 +1,623 @@ +image: + repository: tccr.io/truecharts/authelia + pullPolicy: IfNotPresent + tag: v4.36.2@sha256:840f67bae1d2c090922c6a1781da6f6b7ce601e4303a4461bcc43a967dd95c62 + +command: ["authelia"] +args: ["--config=/configuration.yaml"] + +enableServiceLinks: false + +service: + main: + ports: + main: + port: 9091 + targetPort: 9091 + +persistence: + config: + enabled: true + mountPath: "/config" +# Enabled postgres +postgresql: + enabled: true + existingSecret: "dbcreds" + postgresqlUsername: authelia + postgresqlDatabase: authelia + +# Enabled redis +# ... for more options see https://github.com/tccr.io/truecharts/charts/tree/master/tccr.io/truecharts/redis +redis: + enabled: true + existingSecret: "rediscreds" + +resources: + limits: {} + # limits: + # cpu: "4.00" + # memory: 125Mi + requests: {} + # requests: + # cpu: "0.25" + # memory: 50Mi + +envFrom: + - configMapRef: + name: authelia-paths + +# probes: +# liveness: +# type: HTTP +# path: /api/health" + +# readiness: +# type: HTTP +# path: "/api/health" + +# startup: +# type: HTTP +# path: "/api/health" + +domain: example.com + +## +## Server Configuration +## +server: + ## + ## Port sets the configured port for the daemon, service, and the probes. + ## Default is 9091 and should not need to be changed. + ## + port: 9091 + + ## Buffers usually should be configured to be the same value. + ## Explanation at https://www.authelia.com/docs/configuration/server.html + ## Read buffer size adjusts the server's max incoming request size in bytes. + ## Write buffer size does the same for outgoing responses. + read_buffer_size: 4096 + write_buffer_size: 4096 + ## Set the single level path Authelia listens on. + ## Must be alphanumeric chars and should not contain any slashes. + path: "" + +log: + ## Level of verbosity for logs: info, debug, trace. + level: trace + + ## Format the logs are written as: json, text. + format: text + + ## TODO: Statefulness check should check if this is set, and the configMap should enable it. + ## File path where the logs will be written. If not set logs are written to stdout. + # file_path: /config/authelia.log + +## Default redirection URL +## +## If user tries to authenticate without any referer, Authelia does not know where to redirect the user to at the end +## of the authentication process. This parameter allows you to specify the default redirection URL Authelia will use +## in such a case. +## +## Note: this parameter is optional. If not provided, user won't be redirected upon successful authentication. +## Default is https://www. (value at the top of the values.yaml). +default_redirection_url: "" +# default_redirection_url: https://example.com + +theme: light + +## +## TOTP Configuration +## +## Parameters used for TOTP generation +totp: + ## The issuer name displayed in the Authenticator application of your choice + ## See: https://github.com/google/google-authenticator/wiki/Key-Uri-Format for more info on issuer names + ## Defaults to . + issuer: "" + ## The period in seconds a one-time password is current for. Changing this will require all users to register + ## their TOTP applications again. Warning: before changing period read the docs link below. + period: 30 + ## The skew controls number of one-time passwords either side of the current one that are valid. + ## Warning: before changing skew read the docs link below. + ## See: https://www.authelia.com/docs/configuration/one-time-password.html#period-and-skew to read the documentation. + skew: 1 + +## +## Duo Push API Configuration +## +## Parameters used to contact the Duo API. Those are generated when you protect an application of type +## "Partner Auth API" in the management panel. +duo_api: + enabled: false + hostname: api-123456789.example.com + integration_key: ABCDEF + plain_api_key: "" + +## +## Authentication Backend Provider Configuration +## +## Used for verifying user passwords and retrieve information such as email address and groups users belong to. +## +## The available providers are: `file`, `ldap`. You must use one and only one of these providers. +authentication_backend: + ## Disable both the HTML element and the API for reset password functionality + disable_reset_password: false + + ## The amount of time to wait before we refresh data from the authentication backend. Uses duration notation. + ## To disable this feature set it to 'disable', this will slightly reduce security because for Authelia, users will + ## always belong to groups they belonged to at the time of login even if they have been removed from them in LDAP. + ## To force update on every request you can set this to '0' or 'always', this will increase processor demand. + ## See the below documentation for more information. + ## Duration Notation docs: https://www.authelia.com/docs/configuration/index.html#duration-notation-format + ## Refresh Interval docs: https://www.authelia.com/docs/configuration/authentication/ldap.html#refresh-interval + refresh_interval: 5m + + ## LDAP backend configuration. + ## + ## This backend allows Authelia to be scaled to more + ## than one instance and therefore is recommended for + ## production. + ldap: + + ## Enable LDAP Backend. + enabled: false + + ## The LDAP implementation, this affects elements like the attribute utilised for resetting a password. + ## Acceptable options are as follows: + ## - 'activedirectory' - For Microsoft Active Directory. + ## - 'custom' - For custom specifications of attributes and filters. + ## This currently defaults to 'custom' to maintain existing behaviour. + ## + ## Depending on the option here certain other values in this section have a default value, notably all of the + ## attribute mappings have a default value that this config overrides, you can read more about these default values + ## at https://www.authelia.com/docs/configuration/authentication/ldap.html#defaults + implementation: activedirectory + + ## The url to the ldap server. Format: ://

[:]. + ## Scheme can be ldap or ldaps in the format (port optional). + url: ldap://openldap.default.svc.cluster.local + + ## Connection Timeout. + timeout: 5s + + ## Use StartTLS with the LDAP connection. + start_tls: false + + tls: + ## Server Name for certificate validation (in case it's not set correctly in the URL). + server_name: "" + + ## Skip verifying the server certificate (to allow a self-signed certificate). + ## In preference to setting this we strongly recommend you add the public portion of the certificate to the + ## certificates directory which is defined by the `certificates_directory` option at the top of the config. + skip_verify: false + + ## Minimum TLS version for either Secure LDAP or LDAP StartTLS. + minimum_version: TLS1.2 + + ## The base dn for every LDAP query. + base_dn: DC=example,DC=com + + ## The attribute holding the username of the user. This attribute is used to populate the username in the session + ## information. It was introduced due to #561 to handle case insensitive search queries. For you information, + ## Microsoft Active Directory usually uses 'sAMAccountName' and OpenLDAP usually uses 'uid'. Beware that this + ## attribute holds the unique identifiers for the users binding the user and the configuration stored in database. + ## Therefore only single value attributes are allowed and the value must never be changed once attributed to a user + ## otherwise it would break the configuration for that user. Technically, non-unique attributes like 'mail' can also + ## be used but we don't recommend using them, we instead advise to use the attributes mentioned above + ## (sAMAccountName and uid) to follow https://www.ietf.org/rfc/rfc2307.txt. + username_attribute: "" + + ## An additional dn to define the scope to all users. + additional_users_dn: OU=Users + + ## The users filter used in search queries to find the user profile based on input filled in login form. + ## Various placeholders are available in the user filter: + ## - {input} is a placeholder replaced by what the user inputs in the login form. + ## - {username_attribute} is a mandatory placeholder replaced by what is configured in `username_attribute`. + ## - {mail_attribute} is a placeholder replaced by what is configured in `mail_attribute`. + ## - DON'T USE - {0} is an alias for {input} supported for backward compatibility but it will be deprecated in later + ## versions, so please don't use it. + ## + ## Recommended settings are as follows: + ## - Microsoft Active Directory: (&({username_attribute}={input})(objectCategory=person)(objectClass=user)) + ## - OpenLDAP: + ## - (&({username_attribute}={input})(objectClass=person)) + ## - (&({username_attribute}={input})(objectClass=inetOrgPerson)) + ## + ## To allow sign in both with username and email, one can use a filter like + ## (&(|({username_attribute}={input})({mail_attribute}={input}))(objectClass=person)) + users_filter: "" + + ## An additional dn to define the scope of groups. + additional_groups_dn: OU=Groups + + ## The groups filter used in search queries to find the groups of the user. + ## - {input} is a placeholder replaced by what the user inputs in the login form. + ## - {username} is a placeholder replace by the username stored in LDAP (based on `username_attribute`). + ## - {dn} is a matcher replaced by the user distinguished name, aka, user DN. + ## - {username_attribute} is a placeholder replaced by what is configured in `username_attribute`. + ## - {mail_attribute} is a placeholder replaced by what is configured in `mail_attribute`. + ## - DON'T USE - {0} is an alias for {input} supported for backward compatibility but it will be deprecated in later + ## versions, so please don't use it. + ## - DON'T USE - {1} is an alias for {username} supported for backward compatibility but it will be deprecated in + ## later version, so please don't use it. + ## + ## If your groups use the `groupOfUniqueNames` structure use this instead: + ## (&(uniquemember={dn})(objectclass=groupOfUniqueNames)) + groups_filter: "" + + ## The attribute holding the name of the group + group_name_attribute: "" + + ## The attribute holding the mail address of the user. If multiple email addresses are defined for a user, only the + ## first one returned by the LDAP server is used. + mail_attribute: "" + + ## The attribute holding the display name of the user. This will be used to greet an authenticated user. + display_name_attribute: "" + + ## The username of the admin user. + user: CN=Authelia,DC=example,DC=com + plain_password: "" + + ## + ## File (Authentication Provider) + ## + ## With this backend, the users database is stored in a file which is updated when users reset their passwords. + ## Therefore, this backend is meant to be used in a dev environment and not in production since it prevents Authelia + ## to be scaled to more than one instance. The options under 'password' have sane defaults, and as it has security + ## implications it is highly recommended you leave the default values. Before considering changing these settings + ## please read the docs page below: + ## https://www.authelia.com/docs/configuration/authentication/file.html#password-hash-algorithm-tuning + ## + ## Important: Kubernetes (or HA) users must read https://www.authelia.com/docs/features/statelessness.html + ## + file: + enabled: true + path: /config/users_database.yml + password: + algorithm: argon2id + iterations: 1 + key_length: 32 + salt_length: 16 + memory: 1024 + parallelism: 8 + +## +## Access Control Configuration +## +## Access control is a list of rules defining the authorizations applied for one resource to users or group of users. +## +## If 'access_control' is not defined, ACL rules are disabled and the 'bypass' rule is applied, i.e., access is allowed +## to anyone. Otherwise restrictions follow the rules defined. +## +## Note: One can use the wildcard * to match any subdomain. +## It must stand at the beginning of the pattern. (example: *.mydomain.com) +## +## Note: You must put patterns containing wildcards between simple quotes for the YAML to be syntactically correct. +## +## Definition: A 'rule' is an object with the following keys: 'domain', 'subject', 'policy' and 'resources'. +## +## - 'domain' defines which domain or set of domains the rule applies to. +## +## - 'subject' defines the subject to apply authorizations to. This parameter is optional and matching any user if not +## provided. If provided, the parameter represents either a user or a group. It should be of the form +## 'user:' or 'group:'. +## +## - 'policy' is the policy to apply to resources. It must be either 'bypass', 'one_factor', 'two_factor' or 'deny'. +## +## - 'resources' is a list of regular expressions that matches a set of resources to apply the policy to. This parameter +## is optional and matches any resource if not provided. +## +## Note: the order of the rules is important. The first policy matching (domain, resource, subject) applies. +access_control: + ## Default policy can either be 'bypass', 'one_factor', 'two_factor' or 'deny'. It is the policy applied to any + ## resource if there is no policy to be applied to the user. + default_policy: deny + + networks: [] + # networks: + # - name: private + # networks: + # - 10.0.0.0/8 + # - 172.16.0.0/12 + # - 192.168.0.0/16 + # - name: vpn + # networks: + # - 10.9.0.0/16 + + rules: [] + # rules: + # - domain: public.example.com + # policy: bypass + # - domain: "*.example.com" + # policy: bypass + # methods: + # - OPTIONS + # - domain: secure.example.com + # policy: one_factor + # networks: + # - private + # - vpn + # - 192.168.1.0/24 + # - 10.0.0.1 + # - domain: + # - secure.example.com + # - private.example.com + # policy: two_factor + # - domain: singlefactor.example.com + # policy: one_factor + # - domain: "mx2.mail.example.com" + # subject: "group:admins" + # policy: deny + # - domain: "*.example.com" + # subject: + # - "group:admins" + # - "group:moderators" + # policy: two_factor + # - domain: dev.example.com + # resources: + # - "^/groups/dev/.*$" + # subject: "group:dev" + # policy: two_factor + # - domain: dev.example.com + # resources: + # - "^/users/john/.*$" + # subject: + # - ["group:dev", "user:john"] + # - "group:admins" + # policy: two_factor + # - domain: "{user}.example.com" + # policy: bypass + +## +## Session Provider Configuration +## +## The session cookies identify the user once logged in. +## The available providers are: `memory`, `redis`. Memory is the provider unless redis is defined. +session: + ## The name of the session cookie. (default: authelia_session). + name: authelia_session + + ## Sets the Cookie SameSite value. Possible options are none, lax, or strict. + ## Please read https://www.authelia.com/docs/configuration/session.html#same_site + same_site: lax + + ## The time in seconds before the cookie expires and session is reset. + expiration: 1h + + ## The inactivity time in seconds before the session is reset. + inactivity: 5m + + ## The remember me duration. + ## Value is in seconds, or duration notation. Value of 0 disables remember me. + ## See: https://www.authelia.com/docs/configuration/index.html#duration-notation-format + ## Longer periods are considered less secure because a stolen cookie will last longer giving attackers more time to + ## spy or attack. Currently the default is 1M or 1 month. + remember_me_duration: 1M + +## +## Redis Provider +## +## Important: Kubernetes (or HA) users must read https://www.authelia.com/docs/features/statelessness.html +## +## The redis connection details +redisProvider: + port: 6379 + + ## Optional username to be used with authentication. + # username: authelia + username: "" + + ## This is the Redis DB Index https://redis.io/commands/select (sometimes referred to as database number, DB, etc). + database_index: 0 + + ## The maximum number of concurrent active connections to Redis. + maximum_active_connections: 8 + + ## The target number of idle connections to have open ready for work. Useful when opening connections is slow. + minimum_idle_connections: 0 + + ## The Redis TLS configuration. If defined will require a TLS connection to the Redis instance(s). + tls: + enabled: false + + ## Server Name for certificate validation (in case you are using the IP or non-FQDN in the host option). + server_name: "" + + ## Skip verifying the server certificate (to allow a self-signed certificate). + ## In preference to setting this we strongly recommend you add the public portion of the certificate to the + ## certificates directory which is defined by the `certificates_directory` option at the top of the config. + skip_verify: false + + ## Minimum TLS version for the connection. + minimum_version: TLS1.2 + + ## The Redis HA configuration options. + ## This provides specific options to Redis Sentinel, sentinel_name must be defined (Master Name). + high_availability: + enabled: false + enabledSecret: false + ## Sentinel Name / Master Name + sentinel_name: mysentinel + + ## The additional nodes to pre-seed the redis provider with (for sentinel). + ## If the host in the above section is defined, it will be combined with this list to connect to sentinel. + ## For high availability to be used you must have either defined; the host above or at least one node below. + nodes: [] + # nodes: + # - host: sentinel-0.databases.svc.cluster.local + # port: 26379 + # - host: sentinel-1.databases.svc.cluster.local + # port: 26379 + + ## Choose the host with the lowest latency. + route_by_latency: false + + ## Choose the host randomly. + route_randomly: false + +## +## Regulation Configuration +## +## This mechanism prevents attackers from brute forcing the first factor. It bans the user if too many attempts are done +## in a short period of time. +regulation: + ## The number of failed login attempts before user is banned. Set it to 0 to disable regulation. + max_retries: 3 + + ## The time range during which the user can attempt login before being banned. The user is banned if the + ## authentication failed 'max_retries' times in a 'find_time' seconds window. Find Time accepts duration notation. + ## See: https://www.authelia.com/docs/configuration/index.html#duration-notation-format + find_time: 2m + + ## The length of time before a banned user can login again. Ban Time accepts duration notation. + ## See: https://www.authelia.com/docs/configuration/index.html#duration-notation-format + ban_time: 5m + +## +## Storage Provider Configuration +## +## The available providers are: `local`, `mysql`, `postgres`. You must use one and only one of these providers. +storage: + ## + ## PostgreSQL (Storage Provider) + ## + postgres: + port: 5432 + database: authelia + username: authelia + sslmode: disable + timeout: 5s + +## +## Notification Provider +## +## +## Notifications are sent to users when they require a password reset, a u2f registration or a TOTP registration. +## The available providers are: filesystem, smtp. You must use one and only one of these providers. +notifier: + ## You can disable the notifier startup check by setting this to true. + disable_startup_check: false + + ## + ## File System (Notification Provider) + ## + ## Important: Kubernetes (or HA) users must read https://www.authelia.com/docs/features/statelessness.html + ## + filesystem: + enabled: true + filename: /config/notification.txt + + ## + ## SMTP (Notification Provider) + ## + ## Use a SMTP server for sending notifications. Authelia uses the PLAIN or LOGIN methods to authenticate. + ## [Security] By default Authelia will: + ## - force all SMTP connections over TLS including unauthenticated connections + ## - use the disable_require_tls boolean value to disable this requirement + ## (only works for unauthenticated connections) + ## - validate the SMTP server x509 certificate during the TLS handshake against the hosts trusted certificates + ## (configure in tls section) + smtp: + enabled: false + enabledSecret: false + host: smtp.mail.svc.cluster.local + port: 25 + timeout: 5s + username: test + plain_password: test + sender: admin@example.com + ## HELO/EHLO Identifier. Some SMTP Servers may reject the default of localhost. + identifier: localhost + ## Subject configuration of the emails sent. + ## {title} is replaced by the text from the notifier + subject: "[Authelia] {title}" + ## This address is used during the startup check to verify the email configuration is correct. + ## It's not important what it is except if your email server only allows local delivery. + startup_check_address: test@authelia.com + disable_require_tls: false + disable_html_emails: false + + tls: + ## Server Name for certificate validation (in case you are using the IP or non-FQDN in the host option). + server_name: "" + + ## Skip verifying the server certificate (to allow a self-signed certificate). + ## In preference to setting this we strongly recommend you add the public portion of the certificate to the + ## certificates directory which is defined by the `certificates_directory` option at the top of the config. + skip_verify: false + + ## Minimum TLS version for either StartTLS or SMTPS. + minimum_version: TLS1.2 + +identity_providers: + oidc: + ## Enables this in the config map. Currently in beta stage. + ## See https://www.authelia.com/docs/configuration/identity-providers/oidc.html#roadmap + enabled: false + + access_token_lifespan: 1h + authorize_code_lifespan: 1m + id_token_lifespan: 1h + refresh_token_lifespan: 90m + + enable_client_debug_messages: false + + ## SECURITY NOTICE: It's not recommended changing this option, and highly discouraged to have it below 8 for + ## security reasons. + minimum_parameter_entropy: 8 + + clients: [] + # clients: + # - + ## The ID is the OpenID Connect ClientID which is used to link an application to a configuration. + # id: myapp + + ## The description to show to users when they end up on the consent screen. Defaults to the ID above. + # description: My Application + + ## The client secret is a shared secret between Authelia and the consumer of this client. + # secret: apple123 + + ## Sets the client to public. This should typically not be set, please see the documentation for usage. + # public: false + + ## The policy to require for this client; one_factor or two_factor. + # authorization_policy: two_factor + + ## Audience this client is allowed to request. + # audience: [] + + ## Scopes this client is allowed to request. + # scopes: + # - openid + # - profile + # - email + # - groups + + ## Redirect URI's specifies a list of valid case-sensitive callbacks for this client. + # redirect_uris: + # - https://oidc.example.com/oauth2/callback + + ## Grant Types configures which grants this client can obtain. + ## It's not recommended to configure this unless you know what you're doing. + # grant_types: + # - refresh_token + # - authorization_code + + ## Response Types configures which responses this client can be sent. + ## It's not recommended to configure this unless you know what you're doing. + # response_types: + # - code + + ## Response Modes configures which response modes this client supports. + ## It's not recommended to configure this unless you know what you're doing. + # response_modes: + # - form_post + # - query + # - fragment + + ## The algorithm used to sign userinfo endpoint responses for this client, either none or RS256. + # userinfo_signing_algorithm: none diff --git a/stable/authelia/11.0.19/questions.yaml b/stable/authelia/11.0.19/questions.yaml new file mode 100644 index 00000000000..9553d99e5a8 --- /dev/null +++ b/stable/authelia/11.0.19/questions.yaml @@ -0,0 +1,3340 @@ +groups: + - name: "Container Image" + description: "Image to be used for container" + - name: "Controller" + description: "Configure workload deployment" + - name: "Container Configuration" + description: "additional container configuration" + - name: "App Configuration" + description: "App specific config options" + - name: "Networking and Services" + description: "Configure Network and Services for container" + - name: "Storage and Persistence" + description: "Persist and share data that is separate from the container" + - name: "Ingress" + description: "Ingress Configuration" + - name: "Security and Permissions" + description: "Configure security context and permissions" + - name: "Resources and Devices" + description: "Specify resources/devices to be allocated to workload" + - name: "Middlewares" + description: "Traefik Middlewares" + - name: "Metrics" + description: "Metrics" + - name: "Addons" + description: "Addon Configuration" + - name: "Advanced" + description: "Advanced Configuration" +portals: + open: + protocols: + - "$kubernetes-resource_configmap_portal_protocol" + host: + - "$kubernetes-resource_configmap_portal_host" + ports: + - "$kubernetes-resource_configmap_portal_port" +questions: + - variable: portal + group: "Container Image" + label: "Configure Portal Button" + schema: + type: dict + hidden: true + attrs: + - variable: enabled + label: "Enable" + description: "enable the portal button" + schema: + hidden: true + editable: false + type: boolean + default: true + - variable: global + label: "global settings" + group: "Controller" + schema: + type: dict + hidden: true + attrs: + - variable: isSCALE + label: "flag this is SCALE" + schema: + type: boolean + default: true + hidden: true + - variable: controller + group: "Controller" + label: "" + schema: + additional_attrs: true + type: dict + attrs: + - variable: advanced + label: "Show Advanced Controller Settings" + schema: + type: boolean + default: false + show_subquestions_if: true + subquestions: + - variable: type + description: "Please specify type of workload to deploy" + label: "(Advanced) Controller Type" + schema: + type: string + default: "deployment" + required: true + enum: + - value: "deployment" + description: "Deployment" + - value: "statefulset" + description: "Statefulset" + - value: "daemonset" + description: "Daemonset" + - variable: replicas + description: "Number of desired pod replicas" + label: "Desired Replicas" + schema: + type: int + default: 1 + required: true + - variable: strategy + description: "Please specify type of workload to deploy" + label: "(Advanced) Update Strategy" + schema: + type: string + default: "Recreate" + required: true + enum: + - value: "Recreate" + description: "Recreate: Kill existing pods before creating new ones" + - value: "RollingUpdate" + description: "RollingUpdate: Create new pods and then kill old ones" + - value: "OnDelete" + description: "(Legacy) OnDelete: ignore .spec.template changes" + - variable: expert + label: "Show Expert Configuration Options" + schema: + type: boolean + default: false + show_subquestions_if: true + subquestions: + - variable: extraArgs + label: "Extra Args" + schema: + type: list + default: [] + items: + - variable: arg + label: "arg" + schema: + type: string + - variable: labelsList + label: "Controller Labels" + schema: + type: list + default: [] + items: + - variable: labelItem + label: "Label" + schema: + additional_attrs: true + type: dict + attrs: + - variable: name + label: "Name" + schema: + type: string + - variable: value + label: "Value" + schema: + type: string + - variable: annotationsList + label: " Controller Annotations" + schema: + type: list + default: [] + items: + - variable: annotationItem + label: "Label" + schema: + additional_attrs: true + type: dict + attrs: + - variable: name + label: "Name" + schema: + type: string + - variable: value + label: "Value" + schema: + type: string + + - variable: TZ + label: "Timezone" + group: "Container Configuration" + schema: + type: string + default: "Etc/UTC" + $ref: + - "definitions/timezone" + + - variable: envList + label: "Image environment" + group: "Container Configuration" + schema: + type: list + default: [] + items: + - variable: envItem + label: "Environment Variable" + schema: + additional_attrs: true + type: dict + attrs: + - variable: name + label: "Name" + schema: + type: string + - variable: value + label: "Value" + schema: + type: string + + - variable: expertpodconf + group: "Container Configuration" + label: "Show Expert Config" + schema: + type: boolean + default: false + show_subquestions_if: true + subquestions: + - variable: tty + label: "Enable TTY" + description: "Determines whether containers in a pod runs with TTY enabled. By default pod has it disabled." + group: "Workload Details" + schema: + type: boolean + default: false + - variable: stdin + label: "Enable STDIN" + description: "Determines whether containers in a pod runs with stdin enabled. By default pod has it disabled." + group: "Workload Details" + schema: + type: boolean + default: false + - variable: termination + group: "Container Configuration" + label: "Termination settings" + schema: + additional_attrs: true + type: dict + attrs: + - variable: gracePeriodSeconds + label: "Grace Period Seconds" + schema: + type: int + default: 10 + - variable: podLabelsList + group: "Container Configuration" + label: "Pod Labels" + schema: + type: list + default: [] + items: + - variable: podLabelItem + label: "Label" + schema: + additional_attrs: true + type: dict + attrs: + - variable: name + label: "Name" + schema: + type: string + - variable: value + label: "Value" + schema: + type: string + + - variable: podAnnotationsList + group: "Container Configuration" + label: "Pod Annotations" + schema: + type: list + default: [] + items: + - variable: podAnnotationItem + label: "Label" + schema: + additional_attrs: true + type: dict + attrs: + - variable: name + label: "Name" + schema: + type: string + - variable: value + label: "Value" + schema: + type: string + + - variable: domain + group: "App Configuration" + label: "Domain" + description: "The highest domain level possible, for example: domain.com when using app.domain.com" + schema: + type: string + default: "" + required: true + + - variable: default_redirection_url + group: "App Configuration" + label: "Default Redirection Url" + description: "If user tries to authenticate without any referer, this is used" + schema: + type: string + default: "" + + - variable: theme + group: "App Configuration" + label: "Theme" + schema: + type: string + default: "light" + enum: + - value: "light" + description: "info" + - value: "grey" + description: "grey" + - value: "dark" + description: "dark" + + - variable: log + group: "App Configuration" + label: "Log Configuration " + schema: + additional_attrs: true + type: dict + attrs: + - variable: level + label: "Log Level" + schema: + type: string + default: "info" + enum: + - value: "info" + description: "info" + - value: "debug" + description: "debug" + - value: "trace" + description: "trace" + - variable: format + label: "Log Format" + schema: + type: string + default: "text" + enum: + - value: "json" + description: "json" + - value: "text" + description: "text" + + - variable: totp + group: "App Configuration" + label: "TOTP Configuration" + schema: + additional_attrs: true + type: dict + attrs: + - variable: issuer + label: "Issuer" + description: "The issuer name displayed in the Authenticator application of your choice" + schema: + type: string + default: "" + - variable: period + label: "Period" + description: "The period in seconds a one-time password is current for" + schema: + type: int + default: 30 + - variable: skew + label: "skew" + description: "Controls number of one-time passwords either side of the current one that are valid." + schema: + type: int + default: 1 + + - variable: duo_api + group: "App Configuration" + label: "DUO API Configuration" + description: "Parameters used to contact the Duo API." + schema: + additional_attrs: true + type: dict + attrs: + - variable: enabled + label: "Enable" + schema: + type: boolean + default: false + show_subquestions_if: true + subquestions: + - variable: hostname + label: "Hostname" + schema: + type: string + required: true + default: "" + + - variable: integration_key + label: "integration_key" + schema: + type: string + default: "" + required: true + - variable: plain_api_key + label: "plain_api_key" + schema: + type: string + default: "" + required: true + + - variable: session + group: "App Configuration" + label: "Session Provider" + description: "The session cookies identify the user once logged in." + schema: + additional_attrs: true + type: dict + attrs: + - variable: name + label: "Cookie Name" + description: "The name of the session cookie." + schema: + type: string + required: true + default: "authelia_session" + - variable: same_site + label: "SameSite Value" + description: "Sets the Cookie SameSite value" + schema: + type: string + default: "lax" + enum: + - value: "lax" + description: "lax" + - value: "strict" + description: "strict" + - variable: expiration + label: "Expiration Time" + description: "The time in seconds before the cookie expires and session is reset." + schema: + type: string + default: "1h" + required: true + - variable: inactivity + label: "Inactivity Time" + description: "The inactivity time in seconds before the session is reset." + schema: + type: string + default: "5m" + required: true + - variable: inactivity + label: "Remember-Me duration" + description: "The remember me duration" + schema: + type: string + default: "5M" + required: true + + - variable: regulation + group: "App Configuration" + label: "Regulation Configuration" + description: "his mechanism prevents attackers from brute forcing the first factor." + schema: + additional_attrs: true + type: dict + attrs: + - variable: max_retries + label: "Maximum Retries" + description: "The number of failed login attempts before user is banned. Set it to 0 to disable regulation." + schema: + type: int + default: 3 + - variable: find_time + label: "Find Time" + description: "The time range during which the user can attempt login before being banned." + schema: + type: string + default: "2m" + required: true + - variable: ban_time + label: "Ban Duration" + description: "The length of time before a banned user can login again" + schema: + type: string + default: "5m" + required: true + + - variable: authentication_backend + group: "App Configuration" + label: "Authentication Backend Provider" + description: "sed for verifying user passwords and retrieve information such as email address and groups users belong to." + schema: + additional_attrs: true + type: dict + attrs: + - variable: disable_reset_password + label: "Disable Reset Password" + description: "Disable both the HTML element and the API for reset password functionality" + schema: + type: boolean + default: false + - variable: refresh_interval + label: "Reset Interval" + description: "The amount of time to wait before we refresh data from the authentication backend" + schema: + type: string + default: "5m" + required: true + - variable: ldap + label: "LDAP backend configuration" + description: "Used for verifying user passwords and retrieve information such as email address and groups users belong to" + schema: + additional_attrs: true + type: dict + attrs: + - variable: enabled + label: "Enable" + schema: + type: boolean + default: false + show_subquestions_if: true + subquestions: + - variable: implementation + label: "Implementation" + description: "The LDAP implementation, this affects elements like the attribute utilised for resetting a password" + schema: + type: string + default: "custom" + enum: + - value: "activedirectory" + description: "activedirectory" + - value: "custom" + description: "custom" + - variable: url + label: "URL" + description: "The url to the ldap server. Format: ://
[:]" + schema: + type: string + default: "ldap://openldap.default.svc.cluster.local" + required: true + - variable: timeout + label: "Connection Timeout" + schema: + type: string + default: "5s" + required: true + - variable: start_tls + label: "Start TLS" + description: "Use StartTLS with the LDAP connection" + schema: + type: boolean + default: false + - variable: tls + label: "TLS Settings" + schema: + additional_attrs: true + type: dict + attrs: + - variable: server_name + label: "Server Name" + description: "Server Name for certificate validation (in case it's not set correctly in the URL)." + schema: + type: string + default: "" + - variable: skip_verify + label: "Skip Certificate Verification" + description: "Skip verifying the server certificate (to allow a self-signed certificate)" + schema: + type: boolean + default: false + - variable: minimum_version + label: "Minimum TLS version" + description: "Minimum TLS version for either Secure LDAP or LDAP StartTLS." + schema: + type: string + default: "TLS1.2" + enum: + - value: "TLS1.0" + description: "TLS1.0" + - value: "TLS1.1" + description: "TLS1.1" + - value: "TLS1.2" + description: "TLS1.2" + - value: "TLS1.3" + description: "TLS1.3" + - variable: base_dn + label: "Base DN" + description: "The base dn for every LDAP query." + schema: + type: string + default: "DC=example,DC=com" + required: true + - variable: username_attribute + label: "Username Attribute" + description: "The attribute holding the username of the user" + schema: + type: string + default: "" + required: true + - variable: additional_users_dn + label: "Additional Users DN" + description: "An additional dn to define the scope to all users." + schema: + type: string + default: "OU=Users" + required: true + - variable: users_filter + label: "Users Filter" + description: "The groups filter used in search queries to find the groups of the user." + schema: + type: string + default: "" + required: true + - variable: additional_groups_dn + label: "Additional Groups DN" + description: "An additional dn to define the scope of groups." + schema: + type: string + default: "OU=Groups" + required: true + - variable: groups_filter + label: "Groups Filter" + description: "The groups filter used in search queries to find the groups of the user." + schema: + type: string + default: "" + required: true + - variable: group_name_attribute + label: "Group name Attribute" + description: "The attribute holding the name of the group" + schema: + type: string + default: "" + required: true + - variable: mail_attribute + label: "Mail Attribute" + description: "The attribute holding the primary mail address of the user" + schema: + type: string + default: "" + required: true + - variable: display_name_attribute + label: "Display Name Attribute" + description: "he attribute holding the display name of the user. This will be used to greet an authenticated user." + schema: + type: string + default: "" + - variable: user + label: "Admin User" + description: "The username of the admin user used to connect to LDAP." + schema: + type: string + default: "CN=Authelia,DC=example,DC=com" + required: true + - variable: plain_password + label: "Password" + schema: + type: string + default: "" + required: true + - variable: file + label: "File backend configuration" + description: "With this backend, the users database is stored in a file which is updated when users reset their passwords." + schema: + additional_attrs: true + type: dict + attrs: + - variable: enabled + label: "Enable" + schema: + type: boolean + default: false + show_subquestions_if: true + subquestions: + - variable: path + label: "Path" + schema: + type: string + default: "/config/users_database.yml" + required: true + - variable: password + label: "Password Settings" + schema: + additional_attrs: true + type: dict + attrs: + - variable: algorithm + label: "Algorithm" + schema: + type: string + default: "argon2id" + enum: + - value: "argon2id" + description: "argon2id" + - value: "sha512" + description: "sha512" + - variable: iterations + label: "Iterations" + schema: + type: int + default: 1 + required: true + - variable: key_length + label: "Key Length" + schema: + type: int + default: 32 + required: true + - variable: salt_length + label: "Salt Length" + schema: + type: int + default: 16 + required: true + - variable: memory + label: "Memory" + schema: + type: int + default: 1024 + required: true + - variable: parallelism + label: "Parallelism" + schema: + type: int + default: 8 + required: true + + - variable: notifier + group: "App Configuration" + label: "Notifier Configuration" + description: "otifications are sent to users when they require a password reset, a u2f registration or a TOTP registration." + schema: + additional_attrs: true + type: dict + attrs: + - variable: disable_startup_check + label: "Disable Startup Check" + schema: + type: boolean + default: false + - variable: filesystem + label: "Filesystem Provider" + schema: + additional_attrs: true + type: dict + attrs: + - variable: enabled + label: "Enable" + schema: + type: boolean + default: false + show_subquestions_if: true + subquestions: + - variable: filename + label: "File Path" + schema: + type: string + default: "/config/notification.txt" + required: true + - variable: smtp + label: "SMTP Provider" + description: "Use a SMTP server for sending notifications. Authelia uses the PLAIN or LOGIN methods to authenticate." + schema: + additional_attrs: true + type: dict + attrs: + - variable: enabled + label: "Enable" + schema: + type: boolean + default: true + show_subquestions_if: true + subquestions: + - variable: host + label: "Host" + schema: + type: string + default: "smtp.mail.svc.cluster.local" + required: true + - variable: port + label: "Port" + schema: + type: int + default: 25 + required: true + - variable: timeout + label: "Timeout" + schema: + type: string + default: "5s" + required: true + - variable: username + label: "Username" + schema: + type: string + default: "" + required: true + - variable: plain_password + label: "Password" + schema: + type: string + default: "" + required: true + - variable: sender + label: "Sender" + schema: + type: string + default: "" + required: true + - variable: identifier + label: "Identifier" + description: "HELO/EHLO Identifier. Some SMTP Servers may reject the default of localhost." + schema: + type: string + default: "localhost" + required: true + - variable: subject + label: "Subject" + description: "Subject configuration of the emails sent, {title} is replaced by the text from the notifier" + schema: + type: string + default: "[Authelia] {title}" + required: true + - variable: startup_check_address + label: "Startup Check Address" + description: "This address is used during the startup check to verify the email configuration is correct." + schema: + type: string + default: "test@authelia.com" + required: true + - variable: disable_require_tls + label: "Disable Require TLS" + schema: + type: boolean + default: false + - variable: disable_html_emails + label: "Disable HTML emails" + schema: + type: boolean + default: false + - variable: tls + label: "TLS Settings" + schema: + additional_attrs: true + type: dict + attrs: + - variable: server_name + label: "Server Name" + description: "Server Name for certificate validation (in case it's not set correctly in the URL)." + schema: + type: string + default: "" + - variable: skip_verify + label: "Skip Certificate Verification" + description: "Skip verifying the server certificate (to allow a self-signed certificate)" + schema: + type: boolean + default: false + - variable: minimum_version + label: "Minimum TLS version" + description: "Minimum TLS version for either Secure LDAP or LDAP StartTLS." + schema: + type: string + default: "TLS1.2" + enum: + - value: "TLS1.0" + description: "TLS1.0" + - value: "TLS1.1" + description: "TLS1.1" + - value: "TLS1.2" + description: "TLS1.2" + - value: "TLS1.3" + description: "TLS1.3" + - variable: access_control + group: "App Configuration" + label: "Access Control Configuration" + description: "Access control is a list of rules defining the authorizations applied for one resource to users or group of users." + schema: + additional_attrs: true + type: dict + attrs: + - variable: default_policy + label: "Default Policy" + description: "Default policy can either be 'bypass', 'one_factor', 'two_factor' or 'deny'." + schema: + type: string + default: "two_factor" + enum: + - value: "bypass" + description: "bypass" + - value: "one_factor" + description: "one_factor" + - value: "two_factor" + description: "two_factor" + - value: "deny" + description: "deny" + + - variable: networks + label: "Networks" + schema: + type: list + default: [] + items: + - variable: networkItem + label: "Network Item" + schema: + additional_attrs: true + type: dict + attrs: + - variable: name + label: "Name" + schema: + type: string + default: "" + required: true + - variable: networks + label: "Networks" + schema: + type: list + default: [] + items: + - variable: network + label: "network" + schema: + type: string + default: "" + required: true + + - variable: rules + label: "Rules" + schema: + type: list + default: [] + items: + - variable: rulesItem + label: "Rule" + schema: + additional_attrs: true + type: dict + attrs: + - variable: domain + label: "Domains" + description: "defines which domain or set of domains the rule applies to." + schema: + type: list + default: [] + items: + - variable: domainEntry + label: "Domain" + schema: + type: string + default: "" + required: true + - variable: policy + label: "Policy" + description: "The policy to apply to resources. It must be either 'bypass', 'one_factor', 'two_factor' or 'deny'." + schema: + type: string + default: "two_factor" + enum: + - value: "bypass" + description: "bypass" + - value: "one_factor" + description: "one_factor" + - value: "two_factor" + description: "two_factor" + - value: "deny" + description: "deny" + - variable: subject + label: "Subject" + description: "defines the subject to apply authorizations to. This parameter is optional and matching any user if not provided" + schema: + type: list + default: [] + items: + - variable: subjectitem + label: "Subject" + schema: + type: string + default: "" + required: true + - variable: networks + label: "Networks" + schema: + type: list + default: [] + items: + - variable: network + label: "Network" + schema: + type: string + default: "" + required: true + - variable: resources + label: "Resources" + description: "is a list of regular expressions that matches a set of resources to apply the policy to" + schema: + type: list + default: [] + items: + - variable: resource + label: "Resource" + schema: + type: string + default: "" + required: true + + - variable: service + group: "Networking and Services" + label: "Configure Service(s)" + schema: + additional_attrs: true + type: dict + attrs: + - variable: main + label: "Main Service" + description: "The Primary service on which the healthcheck runs, often the webUI" + schema: + additional_attrs: true + type: dict + attrs: + - variable: enabled + label: "Enable the service" + schema: + type: boolean + default: true + hidden: true + - variable: type + label: "Service Type" + description: "ClusterIP's are only internally available, nodePorts expose the container to the host node System, Loadbalancer exposes the service using the system loadbalancer" + schema: + type: string + default: "Simple" + enum: + - value: "Simple" + description: "Simple" + - value: "ClusterIP" + description: "ClusterIP" + - value: "NodePort" + description: "NodePort (Advanced)" + - value: "LoadBalancer" + description: "LoadBalancer (Advanced)" + - variable: loadBalancerIP + label: "LoadBalancer IP" + description: "LoadBalancerIP" + schema: + show_if: [["type", "=", "LoadBalancer"]] + type: string + default: "" + - variable: externalIPs + label: "External IP's" + description: "External IP's" + schema: + show_if: [["type", "=", "LoadBalancer"]] + type: list + default: [] + items: + - variable: externalIP + label: "External IP" + schema: + type: string + - variable: ipFamilyPolicy + label: "IP Family Policy" + description: "(Advanced) Specify the ip policy" + schema: + show_if: [["type", "!=", "Simple"]] + type: string + default: "SingleStack" + enum: + - value: "SingleStack" + description: "SingleStack" + - value: "PreferDualStack" + description: "PreferDualStack" + - value: "RequireDualStack" + description: "RequireDualStack" + - variable: ipFamilies + label: "(advanced) IP families" + description: "(advanced) The ip families that should be used" + schema: + show_if: [["type", "!=", "Simple"]] + type: list + default: [] + items: + - variable: ipFamily + label: "IP family" + schema: + type: string + - variable: ports + label: "Service's Port(s) Configuration" + schema: + additional_attrs: true + type: dict + attrs: + - variable: main + label: "Main Service Port Configuration" + schema: + additional_attrs: true + type: dict + attrs: + - variable: port + label: "Port" + description: "This port exposes the container port on the service" + schema: + type: int + default: 9091 + required: true + - variable: advanced + label: "Show Advanced settings" + schema: + type: boolean + default: false + show_subquestions_if: true + subquestions: + - variable: protocol + label: "Port Type" + schema: + type: string + default: "HTTP" + enum: + - value: HTTP + description: "HTTP" + - value: "HTTPS" + description: "HTTPS" + - value: TCP + description: "TCP" + - value: "UDP" + description: "UDP" + - variable: nodePort + label: "Node Port (Optional)" + description: "This port gets exposed to the node. Only considered when service type is NodePort, Simple or LoadBalancer" + schema: + type: int + min: 9000 + max: 65535 + - variable: targetPort + label: "Target Port" + description: "The internal(!) port on the container the Application runs on" + schema: + type: int + default: 9091 + + - variable: serviceexpert + group: "Networking and Services" + label: "Show Expert Config" + schema: + type: boolean + default: false + show_subquestions_if: true + subquestions: + - variable: hostNetwork + group: "Networking and Services" + label: "Host-Networking (Complicated)" + schema: + type: boolean + default: false + + - variable: externalInterfaces + description: "Add External Interfaces" + label: "Add external Interfaces" + group: "Networking" + schema: + type: list + items: + - variable: interfaceConfiguration + description: "Interface Configuration" + label: "Interface Configuration" + schema: + type: dict + $ref: + - "normalize/interfaceConfiguration" + attrs: + - variable: hostInterface + description: "Please specify host interface" + label: "Host Interface" + schema: + type: string + required: true + $ref: + - "definitions/interface" + - variable: ipam + description: "Define how IP Address will be managed" + label: "IP Address Management" + schema: + type: dict + required: true + attrs: + - variable: type + description: "Specify type for IPAM" + label: "IPAM Type" + schema: + type: string + required: true + enum: + - value: "dhcp" + description: "Use DHCP" + - value: "static" + description: "Use static IP" + show_subquestions_if: "static" + subquestions: + - variable: staticIPConfigurations + label: "Static IP Addresses" + schema: + type: list + items: + - variable: staticIP + label: "Static IP" + schema: + type: ipaddr + cidr: true + - variable: staticRoutes + label: "Static Routes" + schema: + type: list + items: + - variable: staticRouteConfiguration + label: "Static Route Configuration" + schema: + additional_attrs: true + type: dict + attrs: + - variable: destination + label: "Destination" + schema: + type: ipaddr + cidr: true + required: true + - variable: gateway + label: "Gateway" + schema: + type: ipaddr + cidr: false + required: true + + - variable: dnsPolicy + group: "Networking and Services" + label: "dnsPolicy" + schema: + type: string + default: "" + enum: + - value: "" + description: "Default" + - value: "ClusterFirst" + description: "ClusterFirst" + - value: "ClusterFirstWithHostNet" + description: "ClusterFirstWithHostNet" + - value: "None" + description: "None" + + - variable: dnsConfig + label: "DNS Configuration" + group: "Networking and Services" + description: "Specify custom DNS configuration which will be applied to the pod" + schema: + additional_attrs: true + type: dict + attrs: + - variable: nameservers + label: "Nameservers" + schema: + default: [] + type: list + items: + - variable: nameserver + label: "Nameserver" + schema: + type: string + - variable: options + label: "options" + schema: + default: [] + type: list + items: + - variable: option + label: "Option Entry" + schema: + additional_attrs: true + type: dict + attrs: + - variable: name + label: "Name" + schema: + type: string + - variable: value + label: "Value" + schema: + type: string + - variable: searches + label: "Searches" + schema: + default: [] + type: list + items: + - variable: search + label: "Search Entry" + schema: + type: string + + - variable: serviceList + label: "Add Manual Custom Services" + group: "Networking and Services" + schema: + type: list + default: [] + items: + - variable: serviceListEntry + label: "Custom Service" + schema: + additional_attrs: true + type: dict + attrs: + - variable: enabled + label: "Enable the service" + schema: + type: boolean + default: true + hidden: true + - variable: name + label: "Name" + schema: + type: string + default: "" + - variable: type + label: "Service Type" + description: "ClusterIP's are only internally available, nodePorts expose the container to the host node System, Loadbalancer exposes the service using the system loadbalancer" + schema: + type: string + default: "Simple" + enum: + - value: "Simple" + description: "Simple" + - value: "NodePort" + description: "NodePort" + - value: "ClusterIP" + description: "ClusterIP" + - value: "LoadBalancer" + description: "LoadBalancer" + - variable: loadBalancerIP + label: "LoadBalancer IP" + description: "LoadBalancerIP" + schema: + show_if: [["type", "=", "LoadBalancer"]] + type: string + default: "" + - variable: externalIPs + label: "External IP's" + description: "External IP's" + schema: + show_if: [["type", "=", "LoadBalancer"]] + type: list + default: [] + items: + - variable: externalIP + label: "External IP" + schema: + type: string + - variable: portsList + label: "Additional Service Ports" + schema: + type: list + default: [] + items: + - variable: portsListEntry + label: "Custom ports" + schema: + additional_attrs: true + type: dict + attrs: + - variable: enabled + label: "Enable the port" + schema: + type: boolean + default: true + hidden: true + - variable: name + label: "Port Name" + schema: + type: string + default: "" + - variable: protocol + label: "Port Type" + schema: + type: string + default: "TCP" + enum: + - value: HTTP + description: "HTTP" + - value: "HTTPS" + description: "HTTPS" + - value: TCP + description: "TCP" + - value: "UDP" + description: "UDP" + - variable: targetPort + label: "Target Port" + description: "This port exposes the container port on the service" + schema: + type: int + required: true + - variable: port + label: "Container Port" + schema: + type: int + required: true + - variable: nodePort + label: "Node Port (Optional)" + description: "This port gets exposed to the node. Only considered when service type is NodePort" + schema: + type: int + min: 9000 + max: 65535 + + - variable: persistence + label: "Integrated Persistent Storage" + description: "Integrated Persistent Storage" + group: "Storage and Persistence" + schema: + additional_attrs: true + type: dict + attrs: + - variable: config + label: "App Config Storage" + description: "Stores the Application Configuration." + schema: + additional_attrs: true + type: dict + attrs: + - variable: type + label: "Type of Storage" + description: "Sets the persistence type, Anything other than PVC could break rollback!" + schema: + type: string + default: "simplePVC" + enum: + - value: "simplePVC" + description: "PVC (simple)" + - value: "simpleHP" + description: "HostPath (simple)" + - value: "emptyDir" + description: "emptyDir" + - value: "pvc" + description: "pvc" + - value: "hostPath" + description: "hostPath" + - value: "nfs" + description: "NFS Share" + - variable: server + label: "NFS server" + schema: + show_if: [["type", "=", "nfs"]] + type: string + default: "" + - variable: path + label: "Path on NFS server" + schema: + show_if: [["type", "=", "nfs"]] + type: string + default: "" + - variable: setPermissionsSimple + label: "Automatic Permissions" + description: "Automatically set permissions on install" + schema: + show_if: [["type", "=", "simpleHP"]] + type: boolean + default: true + - variable: setPermissions + label: "Automatic Permissions" + description: "Automatically set permissions on install" + schema: + show_if: [["type", "=", "hostPath"]] + type: boolean + default: true + - variable: readOnly + label: "readOnly" + schema: + type: boolean + default: false + - variable: hostPathSimple + label: "hostPath" + description: "Path inside the container the storage is mounted" + schema: + show_if: [["type", "=", "simpleHP"]] + type: hostpath + - variable: hostPath + label: "hostPath" + description: "Path inside the container the storage is mounted" + schema: + show_if: [["type", "=", "hostPath"]] + type: hostpath + - variable: medium + label: "EmptyDir Medium" + schema: + show_if: [["type", "=", "emptyDir"]] + type: string + default: "" + enum: + - value: "" + description: "Default" + - value: "Memory" + description: "Memory" + - variable: size + label: "Size quotum of storage" + schema: + show_if: [["type", "=", "pvc"]] + type: string + default: "999Gi" + - variable: hostPathType + label: "(Advanced) hostPath Type" + schema: + show_if: [["type", "=", "hostPath"]] + type: string + default: "" + enum: + - value: "" + description: "Default" + - value: "DirectoryOrCreate" + description: "DirectoryOrCreate" + - value: "Directory" + description: "Directory" + - value: "FileOrCreate" + description: "FileOrCreate" + - value: "File" + description: "File" + - value: "Socket" + description: "Socket" + - value: "CharDevice" + description: "CharDevice" + - value: "BlockDevice" + description: "BlockDevice" + - variable: storageClass + label: "(Advanced) storageClass" + description: "Warning: Anything other than SCALE-ZFS or empty will break rollback!" + schema: + show_if: [["type", "=", "pvc"]] + type: string + default: "SCALE-ZFS" + - variable: accessMode + label: "(Advanced) Access Mode" + description: "Allow or disallow multiple PVC's writhing to the same PV" + schema: + show_if: [["type", "=", "pvc"]] + type: string + default: "ReadWriteOnce" + enum: + - value: "ReadWriteOnce" + description: "ReadWriteOnce" + - value: "ReadOnlyMany" + description: "ReadOnlyMany" + - value: "ReadWriteMany" + description: "ReadWriteMany" + - variable: advanced + label: "Show Advanced Options" + schema: + type: boolean + default: false + show_subquestions_if: true + subquestions: + - variable: labelsList + label: "Labels" + schema: + type: list + default: [] + items: + - variable: labelItem + label: "Label" + schema: + additional_attrs: true + type: dict + attrs: + - variable: name + label: "Name" + schema: + type: string + - variable: value + label: "Value" + schema: + type: string + - variable: annotationsList + label: "Annotations" + schema: + type: list + default: [] + items: + - variable: annotationItem + label: "Label" + schema: + additional_attrs: true + type: dict + attrs: + - variable: name + label: "Name" + schema: + type: string + - variable: value + label: "Value" + schema: + type: string + + - variable: persistenceList + label: "Additional app storage" + group: "Storage and Persistence" + schema: + type: list + default: [] + items: + - variable: persistenceListEntry + label: "Custom Storage" + schema: + additional_attrs: true + type: dict + attrs: + - variable: enabled + label: "Enable the storage" + schema: + type: boolean + default: true + hidden: true + - variable: name + label: "Name (optional)" + description: "Not required, please set to config when mounting /config or temp when mounting /tmp" + schema: + type: string + - variable: type + label: "Type of Storage" + description: "Sets the persistence type, Anything other than PVC could break rollback!" + schema: + type: string + default: "simpleHP" + enum: + - value: "simplePVC" + description: "PVC (simple)" + - value: "simpleHP" + description: "HostPath (simple)" + - value: "emptyDir" + description: "emptyDir" + - value: "pvc" + description: "pvc" + - value: "hostPath" + description: "hostPath" + - value: "nfs" + description: "NFS Share" + - variable: server + label: "NFS server" + schema: + show_if: [["type", "=", "nfs"]] + type: string + default: "" + - variable: path + label: "Path on NFS server" + schema: + show_if: [["type", "=", "nfs"]] + type: string + default: "" + - variable: setPermissionsSimple + label: "Automatic Permissions" + description: "Automatically set permissions on install" + schema: + show_if: [["type", "=", "simpleHP"]] + type: boolean + default: true + - variable: setPermissions + label: "Automatic Permissions" + description: "Automatically set permissions on install" + schema: + show_if: [["type", "=", "hostPath"]] + type: boolean + default: true + - variable: readOnly + label: "readOnly" + schema: + type: boolean + default: false + - variable: hostPathSimple + label: "hostPath" + description: "Path inside the container the storage is mounted" + schema: + show_if: [["type", "=", "simpleHP"]] + type: hostpath + - variable: hostPath + label: "hostPath" + description: "Path inside the container the storage is mounted" + schema: + show_if: [["type", "=", "hostPath"]] + type: hostpath + - variable: mountPath + label: "mountPath" + description: "Path inside the container the storage is mounted" + schema: + type: string + default: "" + required: true + valid_chars: '^\/([a-zA-Z0-9._-]+(\s?[a-zA-Z0-9._-]+|\/?))+$' + - variable: medium + label: "EmptyDir Medium" + schema: + show_if: [["type", "=", "emptyDir"]] + type: string + default: "" + enum: + - value: "" + description: "Default" + - value: "Memory" + description: "Memory" + - variable: size + label: "Size quotum of storage" + schema: + show_if: [["type", "=", "pvc"]] + type: string + default: "999Gi" + - variable: hostPathType + label: "(Advanced) hostPath Type" + schema: + show_if: [["type", "=", "hostPath"]] + type: string + default: "" + enum: + - value: "" + description: "Default" + - value: "DirectoryOrCreate" + description: "DirectoryOrCreate" + - value: "Directory" + description: "Directory" + - value: "FileOrCreate" + description: "FileOrCreate" + - value: "File" + description: "File" + - value: "Socket" + description: "Socket" + - value: "CharDevice" + description: "CharDevice" + - value: "BlockDevice" + description: "BlockDevice" + - variable: storageClass + label: "(Advanced) storageClass" + description: "Warning: Anything other than SCALE-ZFS or empty will break rollback!" + schema: + show_if: [["type", "=", "pvc"]] + type: string + default: "SCALE-ZFS" + - variable: accessMode + label: "(Advanced) Access Mode" + description: "Allow or disallow multiple PVC's writhing to the same PV" + schema: + show_if: [["type", "=", "pvc"]] + type: string + default: "ReadWriteOnce" + enum: + - value: "ReadWriteOnce" + description: "ReadWriteOnce" + - value: "ReadOnlyMany" + description: "ReadOnlyMany" + - value: "ReadWriteMany" + description: "ReadWriteMany" + - variable: advanced + label: "Show Advanced Options" + schema: + type: boolean + default: false + show_subquestions_if: true + subquestions: + - variable: labelsList + label: "Labels" + schema: + type: list + default: [] + items: + - variable: labelItem + label: "Label" + schema: + additional_attrs: true + type: dict + attrs: + - variable: name + label: "Name" + schema: + type: string + - variable: value + label: "Value" + schema: + type: string + - variable: annotationsList + label: "Annotations" + schema: + type: list + default: [] + items: + - variable: annotationItem + label: "Label" + schema: + additional_attrs: true + type: dict + attrs: + - variable: name + label: "Name" + schema: + type: string + - variable: value + label: "Value" + schema: + type: string + + - variable: ingress + label: "" + group: "Ingress" + schema: + additional_attrs: true + type: dict + attrs: + - variable: main + label: "Main Ingress" + schema: + additional_attrs: true + type: dict + attrs: + - variable: enabled + label: "Enable Ingress" + schema: + type: boolean + default: false + show_subquestions_if: true + subquestions: + - variable: hosts + label: "Hosts" + schema: + type: list + default: [] + items: + - variable: hostEntry + label: "Host" + schema: + additional_attrs: true + type: dict + attrs: + - variable: host + label: "HostName" + schema: + type: string + default: "" + required: true + - variable: paths + label: "Paths" + schema: + type: list + default: [] + items: + - variable: pathEntry + label: "Host" + schema: + additional_attrs: true + type: dict + attrs: + - variable: path + label: "path" + schema: + type: string + required: true + default: "/" + - variable: pathType + label: "pathType" + schema: + type: string + required: true + default: "Prefix" + + - variable: tls + label: "TLS-Settings" + schema: + type: list + default: [] + items: + - variable: tlsEntry + label: "Host" + schema: + additional_attrs: true + type: dict + attrs: + - variable: hosts + label: "Certificate Hosts" + schema: + type: list + default: [] + items: + - variable: host + label: "Host" + schema: + type: string + default: "" + required: true + - variable: scaleCert + label: "Select TrueNAS SCALE Certificate" + schema: + type: int + $ref: + - "definitions/certificate" + + - variable: entrypoint + label: "(Advanced) Traefik Entrypoint" + description: "Entrypoint used by Traefik when using Traefik as Ingress Provider" + schema: + type: string + default: "websecure" + required: true + - variable: middlewares + label: "Traefik Middlewares" + description: "Add previously created Traefik Middlewares to this Ingress" + schema: + type: list + default: [] + items: + - variable: name + label: "Name" + schema: + type: string + default: "" + required: true + + - variable: expert + label: "Show Expert Configuration Options" + schema: + type: boolean + default: false + show_subquestions_if: true + subquestions: + - variable: enableFixedMiddlewares + description: "These middlewares enforce a number of best practices." + label: "Enable Default Middlewares" + schema: + type: boolean + default: true + - variable: ingressClassName + label: "IngressClass Name" + schema: + type: string + default: "" + - variable: labelsList + label: "Labels" + schema: + type: list + default: [] + items: + - variable: labelItem + label: "Label" + schema: + additional_attrs: true + type: dict + attrs: + - variable: name + label: "Name" + schema: + type: string + - variable: value + label: "Value" + schema: + type: string + - variable: annotationsList + label: "Annotations" + schema: + type: list + default: [] + items: + - variable: annotationItem + label: "Label" + schema: + additional_attrs: true + type: dict + attrs: + - variable: name + label: "Name" + schema: + type: string + - variable: value + label: "Value" + schema: + type: string + + - variable: ingressList + label: "Add Manual Custom Ingresses" + group: "Ingress" + schema: + type: list + default: [] + items: + - variable: ingressListEntry + label: "Custom Ingress" + schema: + additional_attrs: true + type: dict + attrs: + - variable: enabled + label: "Enable Ingress" + schema: + type: boolean + default: true + hidden: true + - variable: name + label: "Name" + schema: + type: string + default: "" + - variable: ingressClassName + label: "IngressClass Name" + schema: + type: string + default: "" + - variable: labelsList + label: "Labels" + schema: + type: list + default: [] + items: + - variable: labelItem + label: "Label" + schema: + additional_attrs: true + type: dict + attrs: + - variable: name + label: "Name" + schema: + type: string + - variable: value + label: "Value" + schema: + type: string + - variable: annotationsList + label: "Annotations" + schema: + type: list + default: [] + items: + - variable: annotationItem + label: "Label" + schema: + additional_attrs: true + type: dict + attrs: + - variable: name + label: "Name" + schema: + type: string + - variable: value + label: "Value" + schema: + type: string + - variable: hosts + label: "Hosts" + schema: + type: list + default: [] + items: + - variable: hostEntry + label: "Host" + schema: + additional_attrs: true + type: dict + attrs: + - variable: host + label: "HostName" + schema: + type: string + default: "" + required: true + - variable: paths + label: "Paths" + schema: + type: list + default: [] + items: + - variable: pathEntry + label: "Host" + schema: + additional_attrs: true + type: dict + attrs: + - variable: path + label: "path" + schema: + type: string + required: true + default: "/" + - variable: pathType + label: "pathType" + schema: + type: string + required: true + default: "Prefix" + - variable: service + label: "Linked Service" + schema: + additional_attrs: true + type: dict + attrs: + - variable: name + label: "Service Name" + schema: + type: string + default: "" + - variable: port + label: "Service Port" + schema: + type: int + - variable: tls + label: "TLS-Settings" + schema: + type: list + default: [] + items: + - variable: tlsEntry + label: "Host" + schema: + additional_attrs: true + type: dict + attrs: + - variable: hosts + label: "Certificate Hosts" + schema: + type: list + default: [] + items: + - variable: host + label: "Host" + schema: + type: string + default: "" + required: true + - variable: scaleCert + label: "Select TrueNAS SCALE Certificate" + schema: + type: int + $ref: + - "definitions/certificate" + - variable: entrypoint + label: "Traefik Entrypoint" + description: "Entrypoint used by Traefik when using Traefik as Ingress Provider" + schema: + type: string + default: "websecure" + required: true + - variable: middlewares + label: "Traefik Middlewares" + description: "Add previously created Traefik Middlewares to this Ingress" + schema: + type: list + default: [] + items: + - variable: name + label: "Name" + schema: + type: string + default: "" + required: true + - variable: security + label: "Container Security Settings" + group: "Security and Permissions" + schema: + type: dict + additional_attrs: true + attrs: + - variable: editsecurity + label: "Change PUID / UMASK values" + description: "By enabling this you override default set values." + schema: + type: boolean + default: false + show_subquestions_if: true + subquestions: + - variable: PUID + label: "Process User ID - PUID" + description: "When supported by the container, this sets the User ID running the Application Process. Not supported by all Apps" + schema: + type: int + default: 568 + - variable: UMASK + label: "UMASK" + description: "When supported by the container, this sets the UMASK for tha App. Not supported by all Apps" + schema: + type: string + default: "002" + + - variable: advancedSecurity + label: "Show Advanced Security Settings" + group: "Security and Permissions" + schema: + type: boolean + default: false + show_subquestions_if: true + subquestions: + - variable: securityContext + label: "Security Context" + schema: + additional_attrs: true + type: dict + attrs: + - variable: privileged + label: "Privileged mode" + schema: + type: boolean + default: false + - variable: readOnlyRootFilesystem + label: "ReadOnly Root Filesystem" + schema: + type: boolean + default: true + - variable: allowPrivilegeEscalation + label: "Allow Privilege Escalation" + schema: + type: boolean + default: false + - variable: runAsNonRoot + label: "runAsNonRoot" + schema: + type: boolean + default: true + - variable: capabilities + label: "Capabilities" + schema: + additional_attrs: true + type: dict + attrs: + - variable: drop + label: "Drop Capability" + schema: + type: list + default: [] + items: + - variable: dropEntry + label: "" + schema: + type: string + - variable: add + label: "Add Capability" + schema: + type: list + default: [] + items: + - variable: addEntry + label: "" + schema: + type: string + + - variable: podSecurityContext + group: "Security and Permissions" + label: "Pod Security Context" + schema: + additional_attrs: true + type: dict + attrs: + - variable: runAsUser + label: "runAsUser" + description: "The UserID of the user running the application" + schema: + type: int + default: 568 + - variable: runAsGroup + label: "runAsGroup" + description: "The groupID this App of the user running the application" + schema: + type: int + default: 568 + - variable: fsGroup + label: "fsGroup" + description: "The group that should own ALL storage." + schema: + type: int + default: 568 + - variable: fsGroupChangePolicy + label: "When should we take ownership?" + schema: + type: string + default: "OnRootMismatch" + enum: + - value: "OnRootMismatch" + description: "OnRootMismatch" + - value: "Always" + description: "Always" + - variable: supplementalGroups + label: "supplemental Groups" + schema: + type: list + default: [] + items: + - variable: supplementalGroupsEntry + label: "supplemental Group" + schema: + type: int + + + - variable: advancedresources + label: "Set Custom Resource Limits/Requests (Advanced)" + group: "Resources and Devices" + schema: + type: boolean + default: false + show_subquestions_if: true + subquestions: + - variable: resources + label: "" + schema: + additional_attrs: true + type: dict + attrs: + - variable: limits + label: "Advanced Limit Resource Consumption" + schema: + additional_attrs: true + type: dict + attrs: + - variable: cpu + label: "CPU" + description: "1000m means 1 hyperthread. Detailed info: https://truecharts.org/manual/indepth/validation/" + schema: + type: string + default: "4000m" + valid_chars: '^(?!^0(\.0|m|)$)([0-9]+)(\.[0-9]|m?)$' + - variable: memory + label: "RAM" + description: "1Gi means 1 Gibibyte RAM. Detailed info: https://truecharts.org/manual/indepth/validation/" + schema: + type: string + default: "8Gi" + valid_chars: '^(?!^0(e[0-9]|[EPTGMK]i?|)$)([0-9]+)(|[EPTGMK]i?|e[0-9]+)$' + - variable: requests + label: "Minimum Resources Required (request)" + schema: + additional_attrs: true + type: dict + attrs: + - variable: cpu + label: "CPU" + description: "1000m means 1 hyperthread. Detailed info: https://truecharts.org/manual/indepth/validation/" + schema: + type: string + default: "10m" + valid_chars: '^(?!^0(\.0|m|)$)([0-9]+)(\.[0-9]|m?)$' + - variable: memory + label: "RAM" + description: "1Gi means 1 Gibibyte RAM. Detailed info: https://truecharts.org/manual/indepth/validation/" + schema: + type: string + default: "50Mi" + valid_chars: '^(?!^0(e[0-9]|[EPTGMK]i?|)$)([0-9]+)(|[EPTGMK]i?|e[0-9]+)$' + + - variable: deviceList + label: "Mount USB devices" + group: "Resources and Devices" + schema: + type: list + default: [] + items: + - variable: deviceListEntry + label: "Device" + schema: + additional_attrs: true + type: dict + attrs: + - variable: enabled + label: "Enable the storage" + schema: + type: boolean + default: true + - variable: type + label: "(Advanced) Type of Storage" + description: "Sets the persistence type" + schema: + type: string + default: "hostPath" + hidden: true + - variable: readOnly + label: "readOnly" + schema: + type: boolean + default: false + - variable: hostPath + label: "Host Device Path" + description: "Path to the device on the host system" + schema: + type: path + - variable: mountPath + label: "Container Device Path" + description: "Path inside the container the device is mounted" + schema: + type: string + default: "/dev/ttyACM0" + + # Specify GPU configuration + - variable: scaleGPU + label: "GPU Configuration" + group: "Resources and Devices" + schema: + type: dict + $ref: + - "definitions/gpuConfiguration" + attrs: [] + +# - variable: autoscaling +# group: "Advanced" +# label: "(Advanced) Horizontal Pod Autoscaler" +# schema: +# additional_attrs: true +# type: dict +# attrs: +# - variable: enabled +# label: "enabled" +# schema: +# type: boolean +# default: false +# show_subquestions_if: true +# subquestions: +# - variable: target +# label: "Target" +# description: "deployment name, defaults to main deployment" +# schema: +# type: string +# default: "" +# - variable: minReplicas +# label: "Minimum Replicas" +# schema: +# type: int +# default: 1 +# - variable: maxReplicas +# label: "Maximum Replicas" +# schema: +# type: int +# default: 5 +# - variable: targetCPUUtilizationPercentage +# label: "Target CPU Utilization Percentage" +# schema: +# type: int +# default: 80 +# - variable: targetMemoryUtilizationPercentage +# label: "Target Memory Utilization Percentage" +# schema: +# type: int +# default: 80 +# - variable: networkPolicy +# group: "Advanced" +# label: "(Advanced) Network Policy" +# schema: +# additional_attrs: true +# type: dict +# attrs: +# - variable: enabled +# label: "enabled" +# schema: +# type: boolean +# default: false +# show_subquestions_if: true +# subquestions: +# - variable: policyType +# label: "Policy Type" +# schema: +# type: string +# default: "" +# enum: +# - value: "" +# description: "Default" +# - value: "ingress" +# description: "Ingress" +# - value: "egress" +# description: "Egress" +# - value: "ingress-egress" +# description: "Ingress and Egress" +# - variable: egress +# label: "Egress" +# schema: +# type: list +# default: [] +# items: +# - variable: egressEntry +# label: "" +# schema: +# additional_attrs: true +# type: dict +# attrs: +# - variable: to +# label: "To" +# schema: +# type: list +# default: [] +# items: +# - variable: toEntry +# label: "" +# schema: +# additional_attrs: true +# type: dict +# attrs: +# - variable: ipBlock +# label: "ipBlock" +# schema: +# additional_attrs: true +# type: dict +# attrs: +# - variable: cidr +# label: "cidr" +# schema: +# type: string +# default: "" +# - variable: except +# label: "except" +# schema: +# type: list +# default: [] +# items: +# - variable: exceptint +# label: "" +# schema: +# type: string +# - variable: namespaceSelector +# label: "namespaceSelector" +# schema: +# additional_attrs: true +# type: dict +# attrs: +# - variable: matchExpressions +# label: "matchExpressions" +# schema: +# type: list +# default: [] +# items: +# - variable: expressionEntry +# label: "" +# schema: +# additional_attrs: true +# type: dict +# attrs: +# - variable: key +# label: "Key" +# schema: +# type: string +# - variable: operator +# label: "operator" +# schema: +# type: string +# default: "TCP" +# enum: +# - value: "In" +# description: "In" +# - value: "NotIn" +# description: "NotIn" +# - value: "Exists " +# description: "Exists " +# - value: "DoesNotExist " +# description: "DoesNotExist " +# - variable: values +# label: "values" +# schema: +# type: list +# default: [] +# items: +# - variable: value +# label: "" +# schema: +# type: string +# - variable: podSelector +# label: "" +# schema: +# additional_attrs: true +# type: dict +# attrs: +# - variable: matchExpressions +# label: "matchExpressions" +# schema: +# type: list +# default: [] +# items: +# - variable: expressionEntry +# label: "" +# schema: +# additional_attrs: true +# type: dict +# attrs: +# - variable: key +# label: "Key" +# schema: +# type: string +# - variable: operator +# label: "operator" +# schema: +# type: string +# default: "TCP" +# enum: +# - value: "In" +# description: "In" +# - value: "NotIn" +# description: "NotIn" +# - value: "Exists " +# description: "Exists " +# - value: "DoesNotExist " +# description: "DoesNotExist " +# - variable: values +# label: "values" +# schema: +# type: list +# default: [] +# items: +# - variable: value +# label: "" +# schema: +# type: string +# - variable: ports +# label: "Ports" +# schema: +# type: list +# default: [] +# items: +# - variable: portsEntry +# label: "" +# schema: +# additional_attrs: true +# type: dict +# attrs: +# - variable: port +# label: "port" +# schema: +# type: int +# - variable: endPort +# label: "port" +# schema: +# type: int +# - variable: protocol +# label: "Protocol" +# schema: +# type: string +# default: "TCP" +# enum: +# - value: "TCP" +# description: "TCP" +# - value: "UDP" +# description: "UDP" +# - value: "SCTP" +# description: "SCTP" +# - variable: ingress +# label: "Ingress" +# schema: +# type: list +# default: [] +# items: +# - variable: ingressEntry +# label: "" +# schema: +# additional_attrs: true +# type: dict +# attrs: +# - variable: from +# label: "From" +# schema: +# type: list +# default: [] +# items: +# - variable: fromEntry +# label: "" +# schema: +# additional_attrs: true +# type: dict +# attrs: +# - variable: ipBlock +# label: "ipBlock" +# schema: +# additional_attrs: true +# type: dict +# attrs: +# - variable: cidr +# label: "cidr" +# schema: +# type: string +# default: "" +# - variable: except +# label: "except" +# schema: +# type: list +# default: [] +# items: +# - variable: exceptint +# label: "" +# schema: +# type: string +# - variable: namespaceSelector +# label: "namespaceSelector" +# schema: +# additional_attrs: true +# type: dict +# attrs: +# - variable: matchExpressions +# label: "matchExpressions" +# schema: +# type: list +# default: [] +# items: +# - variable: expressionEntry +# label: "" +# schema: +# additional_attrs: true +# type: dict +# attrs: +# - variable: key +# label: "Key" +# schema: +# type: string +# - variable: operator +# label: "operator" +# schema: +# type: string +# default: "TCP" +# enum: +# - value: "In" +# description: "In" +# - value: "NotIn" +# description: "NotIn" +# - value: "Exists " +# description: "Exists " +# - value: "DoesNotExist " +# description: "DoesNotExist " +# - variable: values +# label: "values" +# schema: +# type: list +# default: [] +# items: +# - variable: value +# label: "" +# schema: +# type: string +# - variable: podSelector +# label: "" +# schema: +# additional_attrs: true +# type: dict +# attrs: +# - variable: matchExpressions +# label: "matchExpressions" +# schema: +# type: list +# default: [] +# items: +# - variable: expressionEntry +# label: "" +# schema: +# additional_attrs: true +# type: dict +# attrs: +# - variable: key +# label: "Key" +# schema: +# type: string +# - variable: operator +# label: "operator" +# schema: +# type: string +# default: "TCP" +# enum: +# - value: "In" +# description: "In" +# - value: "NotIn" +# description: "NotIn" +# - value: "Exists " +# description: "Exists " +# - value: "DoesNotExist " +# description: "DoesNotExist " +# - variable: values +# label: "values" +# schema: +# type: list +# default: [] +# items: +# - variable: value +# label: "" +# schema: +# type: string +# - variable: ports +# label: "Ports" +# schema: +# type: list +# default: [] +# items: +# - variable: portsEntry +# label: "" +# schema: +# additional_attrs: true +# type: dict +# attrs: +# - variable: port +# label: "port" +# schema: +# type: int +# - variable: endPort +# label: "port" +# schema: +# type: int +# - variable: protocol +# label: "Protocol" +# schema: +# type: string +# default: "TCP" +# enum: +# - value: "TCP" +# description: "TCP" +# - value: "UDP" +# description: "UDP" +# - value: "SCTP" +# description: "SCTP" + + + - variable: addons + group: "Addons" + label: "" + schema: + additional_attrs: true + type: dict + attrs: + - variable: vpn + label: "VPN" + schema: + additional_attrs: true + type: dict + attrs: + - variable: type + label: "Type" + schema: + type: string + default: "disabled" + enum: + - value: "disabled" + description: "disabled" + - value: "openvpn" + description: "OpenVPN" + - value: "wireguard" + description: "Wireguard" + - variable: openvpn + label: "OpenVPN Settings" + schema: + type: dict + show_if: [["type", "=", "openvpn"]] + attrs: + - variable: username + label: "authentication username" + description: "authentication username, optional" + schema: + type: string + default: "" + - variable: password + label: "authentication password" + description: "authentication credentials" + schema: + type: string + default: "" + required: true + - variable: killSwitch + label: "Enable killswitch" + schema: + type: boolean + show_if: [["type", "!=", "disabled"]] + default: true + - variable: excludedNetworks_IPv4 + label: "Killswitch Excluded IPv4 networks" + description: "list of killswitch excluded ipv4 addresses" + schema: + type: list + show_if: [["type", "!=", "disabled"]] + default: [] + items: + - variable: networkv4 + label: "IPv4 Network" + schema: + type: string + required: true + - variable: excludedNetworks_IPv6 + label: "Killswitch Excluded IPv6 networks" + description: "list of killswitch excluded ipv4 addresses" + schema: + type: list + show_if: [["type", "!=", "disabled"]] + default: [] + items: + - variable: networkv6 + label: "IPv6 Network" + schema: + type: string + required: true + + - variable: configFile + label: "VPN Config File Location" + schema: + type: dict + show_if: [["type", "!=", "disabled"]] + attrs: + - variable: enabled + label: "enabled" + schema: + type: boolean + default: true + hidden: true + - variable: type + label: "type" + schema: + type: string + default: "hostPath" + hidden: true + - variable: hostPathType + label: "hostPathType" + schema: + type: string + default: "File" + hidden: true + - variable: noMount + label: "noMount" + schema: + type: boolean + default: true + hidden: true + - variable: hostPath + label: "Full path to file" + description: "path to your local VPN config file for example: /mnt/tank/vpn.conf or /mnt/tank/vpn.ovpn" + schema: + type: string + default: "" + required: true + - variable: envList + label: "VPN environment Variables" + schema: + type: list + show_if: [["type", "!=", "disabled"]] + default: [] + items: + - variable: envItem + label: "Environment Variable" + schema: + additional_attrs: true + type: dict + attrs: + - variable: name + label: "Name" + schema: + type: string + required: true + - variable: value + label: "Value" + schema: + type: string + required: true + + - variable: codeserver + label: "Codeserver" + schema: + additional_attrs: true + type: dict + attrs: + - variable: enabled + label: "enabled" + schema: + type: boolean + default: false + show_subquestions_if: true + subquestions: + - variable: git + label: "Git Settings" + schema: + additional_attrs: true + type: dict + attrs: + - variable: deployKey + description: "Raw SSH private key" + label: "deployKey" + schema: + type: string + - variable: deployKeyBase64 + description: "Base64-encoded SSH private key. When both variables are set, the raw SSH key takes precedence" + label: "deployKeyBase64" + schema: + type: string + - variable: service + label: "" + schema: + additional_attrs: true + type: dict + attrs: + - variable: type + label: "Service Type" + description: "ClusterIP's are only internally available, nodePorts expose the container to the host node System, Loadbalancer exposes the service using the system loadbalancer" + schema: + type: string + default: "NodePort" + enum: + - value: "NodePort" + description: "NodePort" + - value: "ClusterIP" + description: "ClusterIP" + - value: "LoadBalancer" + description: "LoadBalancer" + - variable: loadBalancerIP + label: "LoadBalancer IP" + description: "LoadBalancerIP" + schema: + show_if: [["type", "=", "LoadBalancer"]] + type: string + default: "" + - variable: externalIPs + label: "External IP's" + description: "External IP's" + schema: + show_if: [["type", "=", "LoadBalancer"]] + type: list + default: [] + items: + - variable: externalIP + label: "External IP" + schema: + type: string + - variable: ports + label: "" + schema: + additional_attrs: true + type: dict + attrs: + - variable: codeserver + label: "" + schema: + additional_attrs: true + type: dict + attrs: + - variable: nodePort + description: "leave empty to disable" + label: "nodePort" + schema: + type: int + default: 36107 + - variable: envList + label: "Codeserver environment Variables" + schema: + type: list + show_if: [["type", "!=", "disabled"]] + default: [] + items: + - variable: envItem + label: "Environment Variable" + schema: + additional_attrs: true + type: dict + attrs: + - variable: name + label: "Name" + schema: + type: string + required: true + - variable: value + label: "Value" + schema: + type: string + required: true + + + - variable: promtail + label: "Promtail" + schema: + additional_attrs: true + type: dict + attrs: + - variable: enabled + label: "enabled" + schema: + type: boolean + default: false + show_subquestions_if: true + subquestions: + - variable: loki + label: "Loki URL" + schema: + type: string + required: true + - variable: logs + label: "Log Paths" + schema: + additional_attrs: true + type: dict + attrs: + - variable: name + label: "Name" + schema: + type: string + required: true + - variable: path + label: "Path" + schema: + type: string + required: true + - variable: args + label: "Promtail ecommand line arguments" + schema: + type: list + show_if: [["type", "!=", "disabled"]] + default: [] + items: + - variable: arg + label: "Arg" + schema: + type: string + required: true + - variable: envList + label: "Promtail environment Variables" + schema: + type: list + show_if: [["type", "!=", "disabled"]] + default: [] + items: + - variable: envItem + label: "Environment Variable" + schema: + additional_attrs: true + type: dict + attrs: + - variable: name + label: "Name" + schema: + type: string + required: true + - variable: value + label: "Value" + schema: + type: string + required: true + + + + + - variable: netshoot + label: "Netshoot" + schema: + additional_attrs: true + type: dict + attrs: + - variable: enabled + label: "enabled" + schema: + type: boolean + default: false + show_subquestions_if: true + subquestions: + - variable: envList + label: "Netshoot environment Variables" + schema: + type: list + show_if: [["type", "!=", "disabled"]] + default: [] + items: + - variable: envItem + label: "Environment Variable" + schema: + additional_attrs: true + type: dict + attrs: + - variable: name + label: "Name" + schema: + type: string + required: true + - variable: value + label: "Value" + schema: + type: string + required: true + + - variable: identity_providers + group: "Advanced" + label: "Authelia Identity Providers (BETA)" + schema: + additional_attrs: true + type: dict + attrs: + - variable: oidc + label: "OpenID Connect(BETA)" + schema: + additional_attrs: true + type: dict + attrs: + - variable: enabled + label: "enabled" + schema: + type: boolean + default: false + show_subquestions_if: true + subquestions: + - variable: access_token_lifespan + label: "Access Token Lifespan" + schema: + type: string + default: "1h" + required: true + - variable: authorize_code_lifespan + label: "Authorize Code Lifespan" + schema: + type: string + default: "1m" + required: true + - variable: id_token_lifespan + label: "ID Token Lifespan" + schema: + type: string + default: "1h" + required: true + - variable: refresh_token_lifespan + label: "Refresh Token Lifespan" + schema: + type: string + default: "90m" + required: true + - variable: enable_client_debug_messages + label: "Enable Client Debug Messages" + schema: + type: boolean + default: false + - variable: clients + label: "Clients" + schema: + type: list + default: [] + items: + - variable: clientEntry + label: "Client" + schema: + additional_attrs: true + type: dict + attrs: + - variable: id + label: "ID/Name" + description: "The ID is the OpenID Connect ClientID which is used to link an application to a configuration." + schema: + type: string + default: "myapp" + required: true + - variable: description + label: "Description" + description: "The description to show to users when they end up on the consent screen. Defaults to the ID above." + schema: + type: string + default: "My Application" + required: true + - variable: secret + label: "Secret" + description: "The client secret is a shared secret between Authelia and the consumer of this client." + schema: + type: string + default: "" + required: true + - variable: public + label: "public" + description: "Sets the client to public. This should typically not be set, please see the documentation for usage." + schema: + type: boolean + default: false + - variable: authorization_policy + label: "Authorization Policy" + description: "The policy to require for this client; one_factor or two_factor." + schema: + type: string + default: "two_factor" + enum: + - value: "one_factor" + description: "one_factor" + - value: "two_factor" + description: "two_factor" + - variable: userinfo_signing_algorithm + label: "Userinfo Signing Algorithm" + description: "The algorithm used to sign userinfo endpoint responses for this client, either none or RS256." + schema: + type: string + default: "none" + enum: + - value: "none" + description: "none" + - value: "RS256" + description: "RS256" + - variable: audience + label: "Audience" + description: "Audience this client is allowed to request." + schema: + type: list + default: [] + items: + - variable: audienceEntry + label: "" + schema: + type: string + default: "" + required: true + - variable: scopes + label: "Scopes" + description: "Scopes this client is allowed to request." + schema: + type: list + default: [] + items: + - variable: ScopeEntry + label: "Scope" + schema: + type: string + default: "openid" + required: true + - variable: redirect_uris + label: "redirect_uris" + description: "Redirect URI's specifies a list of valid case-sensitive callbacks for this client." + schema: + type: list + default: [] + items: + - variable: uriEntry + label: "Url" + schema: + type: string + default: "https://oidc.example.com/oauth2/callback" + required: true + - variable: grant_types + description: "Grant Types configures which grants this client can obtain." + label: "grant_types" + schema: + type: list + default: [] + items: + - variable: grantEntry + label: "Grant" + schema: + type: string + default: "refresh_token" + required: true + - variable: response_types + description: "Response Types configures which responses this client can be sent." + label: "response_types" + schema: + type: list + default: [] + items: + - variable: responseEntry + label: "type" + schema: + type: string + default: "code" + required: true + - variable: response_modes + description: "Response Modes configures which response modes this client supports." + label: "response_modes" + schema: + type: list + default: [] + items: + - variable: modeEntry + label: "Mode" + schema: + type: string + default: "form_post" + required: true diff --git a/stable/authelia/11.0.19/templates/_configmap.tpl b/stable/authelia/11.0.19/templates/_configmap.tpl new file mode 100644 index 00000000000..57d75320032 --- /dev/null +++ b/stable/authelia/11.0.19/templates/_configmap.tpl @@ -0,0 +1,248 @@ +{{/* Define the configmap */}} +{{- define "authelia.configmap" -}} +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: authelia-paths +data: + AUTHELIA_SERVER_DISABLE_HEALTHCHECK: "true" + AUTHELIA_JWT_SECRET_FILE: "/secrets/JWT_TOKEN" + AUTHELIA_SESSION_SECRET_FILE: "/secrets/SESSION_ENCRYPTION_KEY" + AUTHELIA_STORAGE_ENCRYPTION_KEY_FILE: "/secrets/ENCRYPTION_KEY" + AUTHELIA_STORAGE_POSTGRES_PASSWORD_FILE: "/secrets/STORAGE_PASSWORD" + {{- if .Values.authentication_backend.ldap.enabled }} + AUTHELIA_AUTHENTICATION_BACKEND_LDAP_PASSWORD_FILE: "/secrets/LDAP_PASSWORD" + {{- end }} + {{- if .Values.notifier.smtp.enabled }} + AUTHELIA_NOTIFIER_SMTP_PASSWORD_FILE: "/secrets/SMTP_PASSWORD" + {{- end }} + AUTHELIA_SESSION_REDIS_PASSWORD_FILE: "/secrets/REDIS_PASSWORD" + {{- if .Values.redisProvider.high_availability.enabled }} + AUTHELIA_SESSION_REDIS_HIGH_AVAILABILITY_SENTINEL_PASSWORD_FILE: "/secrets/REDIS_SENTINEL_PASSWORD" + {{- end }} + {{- if .Values.duo_api.enabled }} + AUTHELIA_DUO_API_SECRET_KEY_FILE: "/secrets/DUO_API_KEY" + {{- end }} + {{- if .Values.identity_providers.oidc.enabled }} + AUTHELIA_IDENTITY_PROVIDERS_OIDC_HMAC_SECRET_FILE: "/secrets/OIDC_HMAC_SECRET" + AUTHELIA_IDENTITY_PROVIDERS_OIDC_ISSUER_PRIVATE_KEY_FILE: "/secrets/OIDC_PRIVATE_KEY" + {{- end }} + +--- + +apiVersion: v1 +kind: ConfigMap +metadata: + name: authelia-configfile +data: + configuration.yaml: | + --- + theme: {{ default "light" .Values.theme }} + default_redirection_url: {{ default (printf "https://www.%s" .Values.domain) .Values.default_redirection_url }} + server: + host: 0.0.0.0 + port: {{ default 9091 .Values.server.port }} + {{- if not (eq "" (default "" .Values.server.path)) }} + path: {{ .Values.server.path }} + {{- end }} + read_buffer_size: {{ default 4096 .Values.server.read_buffer_size }} + write_buffer_size: {{ default 4096 .Values.server.write_buffer_size }} + enable_pprof: {{ default false .Values.server.enable_pprof }} + enable_expvars: {{ default false .Values.server.enable_expvars }} + log: + level: {{ default "info" .Values.log.level }} + format: {{ default "text" .Values.log.format }} + {{- if not (eq "" (default "" .Values.log.file_path)) }} + file_path: {{ .Values.log.file_path }} + keep_stdout: true + {{- end }} + totp: + issuer: {{ default .Values.domain .Values.totp.issuer }} + period: {{ default 30 .Values.totp.period }} + skew: {{ default 1 .Values.totp.skew }} + {{- if .Values.duo_api.enabled }} + duo_api: + hostname: {{ .Values.duo_api.hostname }} + integration_key: {{ .Values.duo_api.integration_key }} + {{- end }} + {{- with $auth := .Values.authentication_backend }} + authentication_backend: + disable_reset_password: {{ $auth.disable_reset_password }} + {{- if $auth.file.enabled }} + file: + path: {{ $auth.file.path }} + password: {{ toYaml $auth.file.password | nindent 10 }} + {{- end }} + {{- if $auth.ldap.enabled }} + ldap: + implementation: {{ default "custom" $auth.ldap.implementation }} + url: {{ $auth.ldap.url }} + timeout: {{ default "5s" $auth.ldap.timeout }} + start_tls: {{ $auth.ldap.start_tls }} + tls: + {{- if hasKey $auth.ldap.tls "server_name" }} + server_name: {{ default $auth.ldap.host $auth.ldap.tls.server_name }} + {{- end }} + minimum_version: {{ default "TLS1.2" $auth.ldap.tls.minimum_version }} + skip_verify: {{ default false $auth.ldap.tls.skip_verify }} + {{- if $auth.ldap.base_dn }} + base_dn: {{ $auth.ldap.base_dn }} + {{- end }} + {{- if $auth.ldap.username_attribute }} + username_attribute: {{ $auth.ldap.username_attribute }} + {{- end }} + {{- if $auth.ldap.additional_users_dn }} + additional_users_dn: {{ $auth.ldap.additional_users_dn }} + {{- end }} + {{- if $auth.ldap.users_filter }} + users_filter: {{ $auth.ldap.users_filter }} + {{- end }} + {{- if $auth.ldap.additional_groups_dn }} + additional_groups_dn: {{ $auth.ldap.additional_groups_dn }} + {{- end }} + {{- if $auth.ldap.groups_filter }} + groups_filter: {{ $auth.ldap.groups_filter }} + {{- end }} + {{- if $auth.ldap.group_name_attribute }} + group_name_attribute: {{ $auth.ldap.group_name_attribute }} + {{- end }} + {{- if $auth.ldap.mail_attribute }} + mail_attribute: {{ $auth.ldap.mail_attribute }} + {{- end }} + {{- if $auth.ldap.display_name_attribute }} + display_name_attribute: {{ $auth.ldap.display_name_attribute }} + {{- end }} + user: {{ $auth.ldap.user }} + {{- end }} + {{- end }} + {{- with $session := .Values.session }} + session: + name: {{ default "authelia_session" $session.name }} + domain: {{ required "A valid .Values.domain entry required!" $.Values.domain }} + same_site: {{ default "lax" $session.same_site }} + expiration: {{ default "1M" $session.expiration }} + inactivity: {{ default "5m" $session.inactivity }} + remember_me_duration: {{ default "1M" $session.remember_me_duration }} + {{- end }} + redis: + host: {{ .Values.redis.url.plain }} + {{- with $redis := .Values.redisProvider }} + port: {{ default 6379 $redis.port }} + {{- if not (eq $redis.username "") }} + username: {{ $redis.username }} + {{- end }} + maximum_active_connections: {{ default 8 $redis.maximum_active_connections }} + minimum_idle_connections: {{ default 0 $redis.minimum_idle_connections }} + {{- if $redis.tls.enabled }} + tls: + server_name: {{ $redis.tls.server_name }} + minimum_version: {{ default "TLS1.2" $redis.tls.minimum_version }} + skip_verify: {{ $redis.tls.skip_verify }} + {{- end }} + {{- if $redis.high_availability.enabled }} + high_availability: + sentinel_name: {{ $redis.high_availability.sentinel_name }} + {{- if $redis.high_availability.nodes }} + nodes: {{ toYaml $redis.high_availability.nodes | nindent 10 }} + {{- end }} + route_by_latency: {{ $redis.high_availability.route_by_latency }} + route_randomly: {{ $redis.high_availability.route_randomly }} + {{- end }} + {{- end }} + regulation: {{ toYaml .Values.regulation | nindent 6 }} + storage: + postgres: + host: {{ printf "%v-%v" .Release.Name "postgresql" }} + {{- with $storage := .Values.storage }} + port: {{ default 5432 $storage.postgres.port }} + database: {{ default "authelia" $storage.postgres.database }} + username: {{ default "authelia" $storage.postgres.username }} + timeout: {{ default "5s" $storage.postgres.timeout }} + sslmode: {{ default "disable" $storage.postgres.sslmode }} + {{- end }} + {{- with $notifier := .Values.notifier }} + notifier: + disable_startup_check: {{ $.Values.notifier.disable_startup_check }} + {{- if $notifier.filesystem.enabled }} + filesystem: + filename: {{ $notifier.filesystem.filename }} + {{- end }} + {{- if $notifier.smtp.enabled }} + smtp: + host: {{ $notifier.smtp.host }} + port: {{ default 25 $notifier.smtp.port }} + timeout: {{ default "5s" $notifier.smtp.timeout }} + username: {{ $notifier.smtp.username }} + sender: {{ $notifier.smtp.sender }} + identifier: {{ $notifier.smtp.identifier }} + subject: {{ $notifier.smtp.subject | quote }} + startup_check_address: {{ $notifier.smtp.startup_check_address }} + disable_require_tls: {{ $notifier.smtp.disable_require_tls }} + disable_html_emails: {{ $notifier.smtp.disable_html_emails }} + tls: + server_name: {{ default $notifier.smtp.host $notifier.smtp.tls.server_name }} + minimum_version: {{ default "TLS1.2" $notifier.smtp.tls.minimum_version }} + skip_verify: {{ default false $notifier.smtp.tls.skip_verify }} + {{- end }} + {{- end }} + {{- if .Values.identity_providers.oidc.enabled }} + identity_providers: + oidc: + access_token_lifespan: {{ default "1h" .Values.identity_providers.oidc.access_token_lifespan }} + authorize_code_lifespan: {{ default "1m" .Values.identity_providers.oidc.authorize_code_lifespan }} + id_token_lifespan: {{ default "1h" .Values.identity_providers.oidc.id_token_lifespan }} + refresh_token_lifespan: {{ default "90m" .Values.identity_providers.oidc.refresh_token_lifespan }} + enable_client_debug_messages: {{ default false .Values.identity_providers.oidc.enable_client_debug_messages }} + minimum_parameter_entropy: {{ default 8 .Values.identity_providers.oidc.minimum_parameter_entropy }} + {{- if gt (len .Values.identity_providers.oidc.clients) 0 }} + clients: + {{- range $client := .Values.identity_providers.oidc.clients }} + - id: {{ $client.id }} + description: {{ default $client.id $client.description }} + secret: {{ default (randAlphaNum 128) $client.secret }} + {{- if $client.public }} + public: {{ $client.public }} + {{- end }} + authorization_policy: {{ default "two_factor" $client.authorization_policy }} + redirect_uris: + {{- range $client.redirect_uris }} + - {{ . }} + {{- end }} + {{- if $client.audience }} + audience: {{ toYaml $client.audience | nindent 10 }} + {{- end }} + scopes: {{ toYaml (default (list "openid" "profile" "email" "groups") $client.scopes) | nindent 10 }} + grant_types: {{ toYaml (default (list "refresh_token" "authorization_code") $client.grant_types) | nindent 10 }} + response_types: {{ toYaml (default (list "code") $client.response_types) | nindent 10 }} + {{- if $client.response_modes }} + response_modes: {{ toYaml $client.response_modes | nindent 10 }} + {{- end }} + userinfo_signing_algorithm: {{ default "none" $client.userinfo_signing_algorithm }} + {{- end }} + {{- end }} + {{- end }} + access_control: + {{- if (eq (len .Values.access_control.rules) 0) }} + {{- if (eq .Values.access_control.default_policy "bypass") }} + default_policy: one_factor + {{- else if (eq .Values.access_control.default_policy "deny") }} + default_policy: two_factor + {{- else }} + default_policy: {{ .Values.access_control.default_policy }} + {{- end }} + {{- else }} + default_policy: {{ .Values.access_control.default_policy }} + {{- end }} + {{- if (eq (len .Values.access_control.networks) 0) }} + networks: [] + {{- else }} + networks: {{ toYaml .Values.access_control.networks | nindent 6 }} + {{- end }} + {{- if (eq (len .Values.access_control.rules) 0) }} + rules: [] + {{- else }} + rules: {{ toYaml .Values.access_control.rules | nindent 6 }} + {{- end }} + ... +{{- end -}} diff --git a/stable/authelia/11.0.19/templates/_secrets.tpl b/stable/authelia/11.0.19/templates/_secrets.tpl new file mode 100644 index 00000000000..81fbe92ff70 --- /dev/null +++ b/stable/authelia/11.0.19/templates/_secrets.tpl @@ -0,0 +1,67 @@ +{{/* Define the secrets */}} +{{- define "authelia.secrets" -}} +--- + +apiVersion: v1 +kind: Secret +type: Opaque +metadata: + name: authelia-secrets +{{- $autheliaprevious := lookup "v1" "Secret" .Release.Namespace "authelia-secrets" }} +{{- $oidckey := "" }} +{{- $oidcsecret := "" }} +{{- $jwtsecret := "" }} +{{- $sessionsecret := "" }} +{{- $encryptionkey := "" }} +data: + {{- if $autheliaprevious }} + SESSION_ENCRYPTION_KEY: {{ index $autheliaprevious.data "SESSION_ENCRYPTION_KEY" }} + JWT_TOKEN: {{ index $autheliaprevious.data "JWT_TOKEN" }} + {{- if ( hasKey $autheliaprevious.data "ENCRYPTION_KEY" ) }} + ENCRYPTION_KEY: {{ index $autheliaprevious.data "ENCRYPTION_KEY" }} + {{- else }} + {{- $encryptionkey := randAlphaNum 100 }} + ENCRYPTION_KEY: {{ $encryptionkey | b64enc }} + {{- end }} + {{- else }} + {{- $jwtsecret := randAlphaNum 50 }} + {{- $sessionsecret := randAlphaNum 50 }} + {{- $encryptionkey := randAlphaNum 100 }} + SESSION_ENCRYPTION_KEY: {{ $sessionsecret | b64enc }} + JWT_TOKEN: {{ $jwtsecret | b64enc}} + ENCRYPTION_KEY: {{ $encryptionkey | b64enc }} + {{- end }} + + {{- if .Values.authentication_backend.ldap.enabled }} + LDAP_PASSWORD: {{ .Values.authentication_backend.ldap.plain_password | b64enc | quote }} + {{- end }} + + {{- if .Values.notifier.smtp.enabled }} + SMTP_PASSWORD: {{ .Values.notifier.smtp.plain_password | b64enc | quote }} + {{- end }} + + {{- if .Values.duo_api.enabled }} + DUO_API_KEY: {{ .Values.duo_api.plain_api_key | b64enc }} + {{- end }} + + STORAGE_PASSWORD: {{ .Values.postgresql.postgresqlPassword | trimAll "\"" | b64enc }} + + REDIS_PASSWORD: {{ .Values.redis.redisPassword | trimAll "\"" | b64enc }} + {{- if .Values.redisProvider.high_availability.enabled}} + REDIS_SENTINEL_PASSWORD: {{ .Values.redis.sentinelPassword | trimAll "\"" | b64enc }} + {{- end }} + + {{- if $autheliaprevious }} + {{- if and ( hasKey $autheliaprevious.data "OIDC_PRIVATE_KEY" ) ( hasKey $autheliaprevious.data "OIDC_HMAC_SECRET" ) }} + OIDC_PRIVATE_KEY: {{ index $autheliaprevious.data "OIDC_PRIVATE_KEY" }} + OIDC_HMAC_SECRET: {{ index $autheliaprevious.data "OIDC_HMAC_SECRET" }} + {{- else }} + {{- $oidckey := genPrivateKey "rsa" }} + {{- $oidcsecret := randAlphaNum 32 }} + OIDC_PRIVATE_KEY: {{ $oidckey | b64enc }} + OIDC_HMAC_SECRET: {{ $oidcsecret | b64enc }} + {{- end }} + {{- end }} + + +{{- end -}} diff --git a/stable/authelia/11.0.19/templates/common.yaml b/stable/authelia/11.0.19/templates/common.yaml new file mode 100644 index 00000000000..614b468adf3 --- /dev/null +++ b/stable/authelia/11.0.19/templates/common.yaml @@ -0,0 +1,74 @@ +{{/* Make sure all variables are set properly */}} +{{- include "tc.common.loader.init" . }} + +{{/* Render configmap for authelia */}} +{{- include "authelia.configmap" . }} + +{{/* Render secrets for authelia */}} +{{- include "authelia.secrets" . }} + +{{/* Append the general configMap volume to the volumes */}} +{{- define "authelia.configmapVolume" -}} +enabled: "true" +mountPath: " /configuration.yaml" +readOnly: true +subPath: configuration.yaml +type: "custom" +volumeSpec: + configMap: + name: authelia-configfile + items: + - key: configuration.yaml + path: configuration.yaml +{{- end -}} + +{{/* Append the general secret volumes to the volumes */}} +{{- define "authelia.secretVolumes" -}} +enabled: "true" +mountPath: "/secrets" +readOnly: true +type: "custom" +volumeSpec: + secret: + secretName: authelia-secrets + items: + - key: "JWT_TOKEN" + path: JWT_TOKEN + - key: "SESSION_ENCRYPTION_KEY" + path: SESSION_ENCRYPTION_KEY + - key: "ENCRYPTION_KEY" + path: ENCRYPTION_KEY + - key: "STORAGE_PASSWORD" + path: STORAGE_PASSWORD + {{- if .Values.authentication_backend.ldap.enabled }} + - key: "LDAP_PASSWORD" + path: LDAP_PASSWORD + {{- end }} + {{- if .Values.notifier.smtp.enabled }} + - key: "SMTP_PASSWORD" + path: SMTP_PASSWORD + {{- end }} + - key: "REDIS_PASSWORD" + path: REDIS_PASSWORD + {{- if .Values.redisProvider.high_availability.enabled}} + - key: "REDIS_SENTINEL_PASSWORD" + path: REDIS_SENTINEL_PASSWORD + {{- end }} + {{- if .Values.duo_api.enabled }} + - key: "DUO_API_KEY" + path: DUO_API_KEY + {{- end }} + {{- if .Values.identity_providers.oidc.enabled }} + - key: "OIDC_PRIVATE_KEY" + path: OIDC_PRIVATE_KEY + - key: "OIDC_HMAC_SECRET" + path: OIDC_HMAC_SECRET + {{- end }} +{{- end -}} + +{{- $_ := set .Values.persistence "authelia-configfile" (include "authelia.configmapVolume" . | fromYaml) -}} +{{- $_ := set .Values.persistence "authelia-secrets" (include "authelia.secretVolumes" . | fromYaml) -}} + + +{{/* Render the templates */}} +{{ include "tc.common.loader.apply" . }} diff --git a/stable/authelia/11.0.19/values.yaml b/stable/authelia/11.0.19/values.yaml new file mode 100644 index 00000000000..e69de29bb2d